Home page logo

bugtraq logo Bugtraq mailing list archives

Moozatech: MyServer Buffer Overflow vulnerability
From: "Moran" <moran () moozatech com>
Date: Fri, 12 Sep 2003 06:58:29 -0700


Moozatech Advisory              http://www.moozatech.com/mt-12-09-2003.txt


Application: MyServer Web Server
Web Site:    http://myserverweb.sf.net
Versions:    0.4.3 and below
Platform:    Windows98,Windows2000,Linux
Bug:         Buffer Overflow.
Risk:        Remote DOS and unauthorized remote access.
Severity:    High
Fix Available: Yes

1) Introduction
2) Bug
3) The Code
4) Fix
5) About Moozatech

1) Introduction

MyServer is a free, powerful web server program designed to be easily run on
a personal
Computer by the average computer user.
It is a multithread application and supports HTTP, CGI, ISAPI, WinCGI and
FastCGI protocols.

2) Bug

a buffer overflow might allow Remote attacker to invoke malicious code by
submitting a request containing excessive data.
That will cause a buffer overflow and might allow to run code of choice
Under the web server privileges.
The problem is in the MSCGI library (cgi-lib.dll) that doesn’t handle
correctly long
String values for the URI variables.

3) Proof of concept.

nc.exe -v www.victim.com < request.txt

The script is attached.
This will crash the program with a memory overflow.

4) Fix

The author has confirmed this bug and temporary fix is available through
MyServer cvs repository at:
Complete patch will be available in the next upcoming release of myserver.

5) About Moozatech

Moozatech IT Systems Ltd. (“Moozatech”) is a leading information security
and project management firm focused on developing
"Secure IT Solutions" which best suit the client's operational needs.
Moozatech devotes time to make a secure computing environment for customers.


Moran Zavdi
Moozatech IT Systems

Attachment: mt-12-09-2003.txt

Attachment: request.txt

  By Date           By Thread  

Current thread:
  • Moozatech: MyServer Buffer Overflow vulnerability Moran (Sep 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]