Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Servers :: netsnap.htm

Netsnap webcam server overflow



Vulnerability

    Netsnap

Affected

    Netsnap Webcam

Description

    SNS  Research  found  following.   Netsnap  is  a  webcam software
    package  for  Win95/98/NT/2k  which  in  addition  to  filming and
    picture taking allows the user to directly publish his/her footage
    to  the  web.   To  do  this,  Netsnap  is  equiped  with  its own
    HTTP-server.  Netsnap  can be found  on vendor Pelesoft's  Netsnap
    site.

    There's a problem in the handling of GET requests by named server.
    An  unchecked  buffer  here  can  be  overflowed  by  a  string of
    approximately  342  bytes,  effectively  crashing  the  server and
    allowing the execution of arbitrary code.

Solution

    After  discussing  this  issue  with  the  vendor,  Pelesoft  have
    released version 1.2.9 of their Netsnap software, which eliminates
    the problem.  Users are encouraged to obtain the new version asap.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH