AnalogX SimpleServer:WWW 1.0.1 - GET Buffer Overflow

EDB-ID:

19703

Author:

Ussr Labs

Type:

dos

Platform:

Windows

Published:

1999-12-31

source: http://www.securityfocus.com/bid/906/info

The SimpleServer:WWW personal webserver package from AnalogX can be compromised due to an overflowable buffer. If a GET request longer than 1000 bytes is received, the software will crash and data from the request gets pased to the EIP, meaning that an exploit could be created to run arbitrary code.

DoS attack:
GET [1000 bytes] HTTP/1.1