Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

MDG Web Server 4D 3.6.0 Buffer Overflow
From: "tom ferris" <badpack3t () security-protocols com>
Date: Wed, 30 Apr 2003 23:16:07 -0400 (EDT)
SP Research Labs Advisory x05
-----------------------------
www.security-protocols.com

Product - MDG Web Server 4D 3.6.0 Buffer Overflow


Download it here:

ftp://ftp.mdg.com/demos/WS4D/Win/WS4D_3.6.0_Full.exe

Date Released - 04/30/2003

Release Mode –

Vendor was notified on 04/27/2003. The vendor did not give me a date for
the updated version.

------------------------------

Product Description from the vendor -

A full featured web server with an integrated database for publishing your
databases on the web for MacOS and WindowsNT.

-------------------------------

Vulnerability Description -

A buffer overflow vulnerability exists within MDG Web Server 4D 3.6.0.  
By doing a GET / with 4096 <’s  will cause the web server to crash.  Once
the malicious payload has been sent, the web server will crash giving a
runtime error.  This vulnerability is remotely exploitable.  Exploit is
attached for your pleasure.

Advisory Link –

http://www.security-protocols.com/article.php?sid=1493&mode=thread&order=0

Tested on:

Windows XP Pro SP1
Windows 2000 SP3

-------------------------------


peace out,

-------------------------------
badpack3t
www.security-protocols.com
-------------------------------

Attachment: sp-ws4d.c
Description:

  By Date           By Thread  

Current thread:
  • MDG Web Server 4D 3.6.0 Buffer Overflow tom ferris (Apr 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]