Overflow in MS PWS
|Description:||typical buffer overflow|
|Author:||Gurney Halleck <firstname.lastname@example.org>|
|Compromise:||Crash the personal web server (it is also possible that you could be able to execute arbitrary code remotely)|
|Vulnerable Systems:||Those running MS Personal Web Server (pws32/220.127.116.112), it is apparently packaged with FrontPage 97. |
|Date:||15 January 1998 |
Date: Thu, 15 Jan 1998 12:03:30 -0700
From: Gurney Halleck <email@example.com>
To: dc-stuff <firstname.lastname@example.org>
Subject: Buffer overflow with MS PWS
I don't know if this has ever been reported. I did check MS Technical
support but didn't find anything.
While goofing with MS Personal Web Server (pws32/18.104.22.1682) that came
packaged with FrontPage 97 and running under NT 3.51 , I found that the
following URL will crash PWS.
Where PWS_Name is the domain name of the PWS server and the long string
is 159 chars.
I have no idea if it is exploitable beyond just crashing PWS.
It bombs out with an Exception: access violation as reported by Dr.
Gurney Halleck <email@example.com>
Visit my Web 'Zine: Little Albert ( http://www.littleal.pair.com )
For my pub key:
Key fingerprint = C7 D3 2F 1D 16 7F FC E4 A3 95 D7 AD C0 38 9D AC
The master index of all exploits is available
here (Very large file)
Or you can pick your favorite operating system:
This page is part of Fyodor's exploit
For a free program to automate scanning your network for vulnerable
hosts and services, check out my network mapping tool, nmap. Or try these Insecure.Org resouces:
[ Nmap |
Sec Tools |
Mailing Lists |
Site News |