|
Vulnerability WebBBS Affected WebBBS HTTP Server v1.15 Description Following is based on Delphis Consulting Security Team Advisories. Delphis Consulting Internet Security Team (DCIST) discovered the following vulnerabilities in WebBBS under Windows NT. By using the Webserver which is shipped and installed by default with WebBBS it is possible to cause a BufferOverRun in WebBBS. This is done be connecting to port 80 (WebBBS) which the service resides on by default and sending a large filename. The string has to be a length of 227 + EIP (4 bytes making a total of 231 bytes). This will cause the above application to BufferOverRun over writing EIP. This would allow an attacker to execute arbitrary code. By using the Webserver which is shipped and installed by default with WebBBS it is possible to cause a BufferOverRun in WebBBS. This is done be connecting to port 80 (WebBBS) which the service resides on by default and sending a large get statements (the Logon screen is a good example). The string has to be a length of 545 + EIP (4 bytes making a total of 549 bytes). This will cause the above application to BufferOverRun over writing EIP. This would allow an attacker to execute arbitrary code. Solution These has been resolved in v1.17.