Archive : 1999 : november : worldclient - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Remote DoS Attack in WorldClient Server v2.0.0.0 Vulnerability




=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


    Date: Чт, 25 ноя 1999  04:19:38

   От: Ussr Labs <labs@USSRBACK.COM>

 Кому: BUGTRAQ@SECURITYFOCUS.COM

 Тема: Remote DoS Attack in WorldClient Server v2.0.0.0 Vulnerability

--------------------------------------------------------------------------------




Remote DoS Attack in WorldClient Server v2.0.0.0 Vulnerability



PROBLEM:

UssrLabs found a buffer overflow in WorldClient Server v2.0.0.0 where they

do not use proper bounds checking.

The following all result in a Denial of Service against the service in

question.



affected services:



WorldClient: Port 2000



This two remotes services are affected to overflow of you send a large url

name.



Like: http:/serverip/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa



For the Binary / Source for this WorldClient Server v2.0.0.0 Denial of

Service:



Go To: http://www.ussrback.com/mdeam285/





Vendor Status:

Contacted.



Vendor   Url: http://www.mdaemon.com



Credit: USSRLABS



SOLUTION

    Nothing yet.







u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h

http://www.ussrback.com

test server