Simple Web Server Request Handling Buffer Overflow


Description   Michael Thumann has reported a vulnerability in PMSoftware Simple Web Server, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error when handling HTTP requests and can be exploited to cause a stack-based buffer overflow via an overly long HTTP GET request (about 260 bytes).
Successful exploitation allows execution of arbitrary code.
The vulnerability has been reported in version 1.015. Other versions may also be affected.
NOTE: An exploit is publicly available.
     
Vulnerable Products   Vulnerable Software:
PMSoftware Simple Web Server 1.x
     
Solution   The vulnerability has been fixed in version 2.0 (currently release candidate).
     
CVE   CVE-2005-1173
     
References  
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
Possible buffer overflow on URL
3.2.0
     


 
 
 
 
 Risk level 
Critical 

 Vulnerability First Public Report Date 
2005-04-19 

 Target Type 
Server 

 Possible exploit 
Remote