[10646] in bugtraq
Buffer overflow in SmartDesk WebSuite v2.1
daemon@ATHENA.MIT.EDU (cmart)
Wed May 26 14:52:53 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <199905252053.AA123732652@mail.staticusers.net>
Date: Tue, 25 May 1999 20:53:17 PDT
Reply-To: cmart@mail.staticusers.net
From: cmart <cmart@MAIL.STATICUSERS.NET>
To: BUGTRAQ@NETSPACE.ORG
Advisory: Buffer overflow in SmartDesk WebSuite v2.1
Platforms Affected: Windows NT, Windows 98
Found by: cmart (cmart@staticusers.net)
Date: 5/23/99
Description:
-----------
WebSuite v2.1 will crash when an additional 250+ characters
is appended after the sites URL on NT Server 4 and NT
Workstation 4 boxes.
Running on top of Windows 98 it will crash with 150+ characters
appended after the sites URL.
After reinstallating on both platforms several times, the
overflow string length varied. Approximately 1 out of 8 times
the overflow string went from 150 chars (Win98) to about
1000+ chars. It also went from 250+ chars (NT) to about
2000+ chars.
After the server crashes on NT Workstation 4, it's unable
to find the lib file sysclass.flb. (On our test).
Details:
-------
[Windows NT]
http://hostname/00000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000
SDWEBSRV.EXE crashes.
[Windows 98]
http://hostname/00000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000
SDWEBSRV.EXE crashes.
-----------------------------
cmart | cmart@staticusers.net
http://winntsec.com
-----------------------------
