TUCoPS :: Web :: Servers :: wclient1.htm

WorldClient Server Buffer Overflow 
Vulnerability

    WorldClient Server

Affected

    WorldClient Server v2.0.0.0

Description

    UssrLabs found  a buffer  overflow in  WorldClient Server v2.0.0.0
    where they do not use  proper bounds checking.  The  following all
    result in  a Denial  of Service  against the  service in question.
    Affected services:

        WorldClient: Port 2000

    This two remotes services are  affected to overflow of you  send a
    large url name.  Like:

        http:/serverip/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

    For  the  Binary  /  Source  for  this WorldClient Server v2.0.0.0
    Denial of Service go to:

        http://www.ussrback.com/mdeam285/

    or

        http://oliver.efri.hr/~crv/security/bugs/Others/mdaemon3.html

Solution

    A hotfix for WorldClient Pro is available here:

        http://www.worldclient.com/helpdesk/hotfix.cfm

    11/30/99 AltN will release full patches for this product.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH