Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Servers :: websitep.htm

WebSite Pro 2.x Exploitable Buffer Overflow



Vulnerability

    Website

Affected

    O'Reilly WebSite Professional 2.x for Windows 9x/NT/2000

Description

    Following is based on COVERT Labs Security Advisory.  The indexing
    utility webfind.exe distributed with O'Reilly WebSite Professional
    contains an unchecked buffer allowing for the remote execution  of
    arbitrary code on vulnerable hosts.

    WebSite Professional contains two utilities, webindex and webfind,
    that provide full-text search  capabilities for a WebSite  server.
    Webindex  provides  a  walkthrough  wizard  to create a new index,
    reconfigure an existing one or delete an old one.  Webfind is  the
    CGI program that searches the indexes created by Webindex.

    Webfind displays  a search  form for  the user  to complete,  then
    executes the search.  The webfind search form takes a user-defined
    string, adding it to the "keywords" parameter of the  QUERY_STRING
    in the web request.

    Passing a long request to the "keywords" parameter overwrites  the
    stack with user defined  data allowing the execution  of arbitrary
    code on the remote host.

    This vulnerability was  discovered by Barnaby  Jack at the  COVERT
    Labs of PGP Security, Inc.

Solution

    O'Reilly has  corrected this  issue in  WebSite Professional  2.5,
    which is now available from:

        http://website.oreilly.com


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH