Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web :: Servers :: bt472.txt

WebAdmin.exe remote buffer overflow

Content-Type: text/plain;
Content-Transfer-Encoding: 7bit

NGSSoftware Insight Security Research Advisory

Name: Remote System Buffer Overrun WebAdmin.exe
Systems Affected: Windows
Severity: High Risk
Category:               Buffer Overrun
Vendor URL:
Author: Mark Litchfield (
Date: 24th June 2003
Advisory number: #NISR2406-03


WebAdmin allows administrators to securely manage MDaemon, RelayFax, and
WorldClient from anywhere in the world


There is a remotely exploitable buffer overrun in the USER parameter.

By default the webadmin.exe process is started as a system service.  Any
code being passed to the server by an attacker as a result of this buffer
overrun would therefore (based on a default install) execute with system

POST /WebAdmin.dll?View=Logon HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, */*
Accept-Language: en-us
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: MyUser Agent
Content-Length: 74
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: User=NGSSOFTWARE; Lang=en; Theme=Standard


Fix Information

NGSSoftware alerted ALTN to theses issues on the 19th of June 2003.
A patch has now been made available from

A check for these issues has been added to Typhon III, of which more
information is available from the
NGSSoftware website,

Further Information

For further information about the scope and effects of buffer overflows,
please see

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH