Moozatech Advisory http://www.moozatech.com/mt-12-09-2003.txt
Application: MyServer Web Server Web Site: http://myserverweb.sf.net Versions: 0.4.3 Platform: Windows98,Windows2000,Linux Bug: Buffer Overflow. Risk: Remote DOS and unauthorized remote access. Severity: High Fix Available: Yes
1) Introduction 2) Bug 3) The Code 4) Fix 5) About Moozatech
=============== 1) Introduction ===============
MyServer is a free, powerful web server program designed to be easily run on a personal Computer by the average computer user. It is a multithread application and supports HTTP, CGI, ISAPI, WinCGI and FastCGI protocols.
====== 2) Bug ======
a buffer overflow might allow Remote attacker to invoke malicious code by submitting a request containing excessive data. That will cause a buffer overflow and might allow to run code of choice Under the web server privileges. The problem is in the MSCGI library (cgi-lib.dll) that doesn’t handle correctly long String values for the URI variables.
==================== 3) Proof of concept. ====================
nc.exe -v www.victim.com < request.txt
-- The script is attached. This will crash the program with a memory overflow.
====== 4) Fix ======
The author has confirmed this bug and temporary fix is available through MyServer cvs repository at: http://myserverweb.sourceforge.net/cvs.php Complete patch will be available in the next upcoming release of myserver.
================== 5) About Moozatech ==================
Moozatech IT Systems Ltd. (“Moozatech”) is a leading information security consulting and project management firm focused on developing "Secure IT Solutions" which best suit the client's operational needs. Moozatech devotes time to make a secure computing environment for customers.