[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1
From: <muts@xxxxxxxxxxxx>
Date: Tue, 1 Feb 2005 12:47:48 +0200

See Security, Research and Development
------------------------------------------------------

[-] Product Information

Savant is a full-featured open source web server for 
computers running any version of Windows 95/NT or greater.
Product Homepage: http://sourceforge.net/projects/savant/

[-] Vulnerability Description

A buffer overflow vulnerability was discovered in Savant Web 
Server 3.1 which allows remote code execution by sending a 
malformed HTTP request.

[-] Analysis

When sending a malformed HTTP request in the format 
Any_Text / [256 Bytes]\r\n we will be able to overwrite the 
instruction pointer with an arbitrary address.

[-] Vendor Notification

The vendor was not available for notification. 

[-] Exploit

Attached. Developed by Tal Zeltzer And Mati Aharoni 

[-] Credits

The vulnerability was discovered by Mati Aharoni
Metasploit
Google
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1
  - From: Andrew Farmer

Prev by Date: Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues
Next by Date: [Full-Disclosure] Call For Papers : HITB Security Conference Bahrain 2005
Previous by thread: [Full-Disclosure] University of Phoenix - Outlook Express Unauthorized Configuration Manipulation
Next by thread: Re: [Full-Disclosure] Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1
Index(es):
- Date
- Thread