Pi3Web Webserver v2.0 Buffer Overflow Vulnerability

From: Tamer Sahin (tamer@ONAR.COM.TR)
Date: 01/14/02


Date:         Mon, 14 Jan 2002 01:04:09 +0200
From: Tamer Sahin <tamer@ONAR.COM.TR>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pi3Web Webserver v2.0 Buffer Overflow Vulnerability

Type:
DoS, crashes Daemon

Release Date:
January 14, 2002

Product / Vendor:
Pi3Web is a free, multithreaded, highly configurable and extensible
HTTP server and development environment for cross platform internet
server development and deployment.

http://pi3web.sourceforge.net

Summary:
Server crashes after sending very long cgi parameter a few times.

http://host/cgi-bin/hello.exe.....<224 char>......

The instruction at "0x77fcc1df" referenced memory at "0x009946c0".
The memory could not be "read".

Tested:
Windows 2000 / PiWeb v2.0

Vulnerable:
Pi3Web v2.0 (And may be other)

Disclaimer:
http://www.securityoffice.net is not responsible for the misuse or
illegal use of any of the information and/or the software listed on
this security advisory.

Author:
Tamer Sahin
ts@securityoffice.net
http://www.securityoffice.net

Tamer Sahin
http://www.securityoffice.net
PGP Key ID: 0x2B5EDCB0 Fingerprint:
B96A 5DFC E0D9 D615 8D28 7A1B BB8B A453 2B5E DCB0

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPEISZ7uLpFMrXtywEQKYRACfc6ts9P7zdvt7zsq34+wSq8Hk64MAoNLI
QjLbFbIz3ygWk2lYy/YL3f2t
=L9mr
-----END PGP SIGNATURE-----

============================================================================
Delivery co-sponsored by VeriSign - The Internet Trust Company
============================================================================
FREE E-COMMERCE SECURITY INFRASTRUCTURE GUIDE
When building an e-commerce site, you want to start with a strong, secure
foundation. Learn how with VeriSign's FREE White Paper, "Building an
E-Commerce Trust Infrastructure." See how you can authenticate your site to
customers, use 128-Bit SSL encryption to secure your web servers, and accept
secure payments online. Click here:
http://www.verisign.com/cgi-bin/go.cgi?a=n116965650045000
============================================================================



Relevant Pages

  • Pi3Web Webserver v2.0 Buffer Overflow Vulnerability
    ... Pi3Web Webserver v2.0 Buffer Overflow Vulnerability ... DoS, crashes Daemon ... HTTP server and development environment for cross platform internet ...
    (Bugtraq)
  • Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability
    ... Please remove this wrong report (no crash happens as reported and Pi3Web version 2.013 doesn't exist at all!!!) and inform all sites copying information from your site about the removal. ... The server encountered an internal error while processing this request." ... a vulnerability has been proofed. ...
    (Bugtraq)