Advisory: Buffer overflow in SmartDesk WebSuite v2.1 Platforms Affected: Windows NT, Windows 98 Found by: cmart (cmartat_private) Date: 5/23/99 Description: ----------- WebSuite v2.1 will crash when an additional 250+ characters is appended after the sites URL on NT Server 4 and NT Workstation 4 boxes. Running on top of Windows 98 it will crash with 150+ characters appended after the sites URL. After reinstallating on both platforms several times, the overflow string length varied. Approximately 1 out of 8 times the overflow string went from 150 chars (Win98) to about 1000+ chars. It also went from 250+ chars (NT) to about 2000+ chars. After the server crashes on NT Workstation 4, it's unable to find the lib file sysclass.flb. (On our test). Details: ------- [Windows NT] http://hostname/00000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000 SDWEBSRV.EXE crashes. [Windows 98] http://hostname/00000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000 SDWEBSRV.EXE crashes. ----------------------------- cmart | cmartat_private http://winntsec.com -----------------------------
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:47:18 PDT