Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web :: Servers :: web5329.htm

4D webserver buffer overflow
3rd May 2002 [SBWID-5329]

	4D webserver buffer overflow


	4D Webserver version 6.7.3


	Patrik Karlsson &  Jonas  Lendin  []
	said :

	An attacker could overflow the username or password  field  in  a  basic
	authentication resulting in EIP overwrite and  possible  arbitrary  code
	execution. There are a few checks of the buffer, including  a  check  to
	make sure only \"valid\" characters are sent. If \"invalid\"  characters
	are found the copy is terminated.



	Upgrade to the latest version, either 4D 6.7.4 or 4D 6.8.1.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH