NaviCOPA Web Server 3.0.1 - Remote Buffer Overflow / Script Source Disclosure

EDB-ID:

7966

CVE:


EDB Verified:

Author:

e.wiZz!

Type:

remote

Exploit:   /  

Platform:

Windows

Date:

2009-02-03

Vulnerable App: 
######################  NaviCopa webserver 3.0.1 Multiple Vulnerabilities   #################


##### By:  e.wiZz!    Bosnian Idiot FTW!

##### Mail:  ew1zz@hotmail.com

##### Greetz goes to GYEZ(you know who you are lol)




In the wild...

################################################

##### Vendor site:  http://www.navicopa.com/

##### Platforms: Windows OS only

#####Info:  Award Winning NaviCOPA is ideal for business users who require a powerful and flexible Web Server,
but don't want to have to spend months learning how to configure it.



######[Script Source Disclousure]###############

If we add dot at end of URI,server won't execute script,so we can see source code:

PoC:

http://localhost/index.html.



###########[Buffer Overflow]#####################

Buffer Overflow exist if we supply more than 5400~ characters to root directory.Similar thing reported
at version 2.01 of this software  https://www.securityfocus.com/bid/20250   (/cgi-bin/AAAA..)

PoC:

GET /AAAAAAAAAAAAAAAAAA... HTTP/1.0   




In memory of shinnai.

# milw0rm.com [2009-02-03]
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services