Vulners
Lucene search
DST2K0018.txt
🗓️ 21 Jun 2000 00:00:00Reported by Delphis Security TeamType 
packetstorm🔗 packetstormsecurity.com👁 25 Views
`============================================================================
====
Delphis Consulting Plc
============================================================================
====
Security Team Advisories
[19/06/2000]
[email protected]
[http://www.delphisplc.com/thinking/whitepapers/]
============================================================================
====
Adv : DST2K0018
Title : Multiple BufferOverruns in WebBBS HTTP Server v1.15
Author : DCIST ([email protected])
O/S : Microsoft Windows NT v4.0 Workstation (SP6)
Product : WebBBS v1.15
Date : 19/06/2000
I. Description
II. Solution
III. Disclaimer
============================================================================
====
I. Description
============================================================================
====
Vendor URL: http://www.webbbs.org/
Delphis Consulting Internet Security Team (DCIST) discovered the following
vulnerabilities in WebBBS under Windows NT.
Severity: high
By using the Webserver which is shipped and installed by default with WebBBS
it
is possible to cause a BufferOverRun in WebBBS. This is done be connecting
to port 80 (WebBBS) which the service resides on by default and sending a
large
filename. The string has to be a length of 227 + EIP (4 bytes making a total
of
231 bytes). This will cause the above application to BufferOverRun over
writing
EIP. This would allow an attacker to execute arbitrary code.
Severity: high
By using the Webserver which is shipped and installed by default with WebBBS
it
is possible to cause a BufferOverRun in WebBBS. This is done be connecting
to port 80 (WebBBS) which the service resides on by default and sending a
large
get statements (the Logon screen is a good example). The string has to be a
length of 545 + EIP (4 bytes making a total of 549 bytes). This will cause
the
above application to BufferOverRun over writing EIP. This would allow an
attacker
to execute arbitrary code.
II. Solution
============================================================================
====
Vendor Status: Informed
We would like to thank WebBBS for their very quick response, these have been
resolved
in v1.17 which is due for release soon.
III. Disclaimer
============================================================================
====
THE INFORMATION CONTAINED IN THIS ADVISORY IS BELIEVED TO BE ACCURATE AT
THE TIME OF PRINTING, BUT NO REPRESENTATION OR WARRANTY IS GIVEN, EXPRESS OR
IMPLIED, AS TO ITS ACCURACY OR COMPLETENESS. NEITHER THE AUTHOR NOR THE
PUBLISHER ACCEPTS ANY LIABILITY WHATSOEVER FOR ANY DIRECT, INDIRECT OR
CONSEQUENTIAL LOSS OR DAMAGE ARISING IN ANY WAY FROM ANY USE OF, OR RELIANCE
PLACED ON, THIS INFORMATION FOR ANY PURPOSE.
============================================================================
====
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Jun 2000 00:00Current
7.4High risk
Vulners AI Score7.4