PMSoftware Simple Web Server Remote Buffer Overflow Vulnerability
BID:13227
Info
PMSoftware Simple Web Server Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 13227 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-1173 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 18 2005 12:00AM |
| Updated: | Jul 12 2009 02:06PM |
| Credit: | Michael Thumann <[email protected]> is credited with the discovery of this issue. |
| Vulnerable: |
PMSoftware Simple Web Server 1.0 |
| Not Vulnerable: | |
Discussion
PMSoftware Simple Web Server Remote Buffer Overflow Vulnerability
A remote buffer overflow vulnerability affects PMSoftware Simple Web Server. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
A remote buffer overflow vulnerability affects PMSoftware Simple Web Server. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
Exploit / POC
PMSoftware Simple Web Server Remote Buffer Overflow Vulnerability
The following exploits have been provided:
The following exploits have been provided:
Solution / Fix
PMSoftware Simple Web Server Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
PMSoftware Simple Web Server Remote Buffer Overflow Vulnerability
References:
References:
- Simple Web Server Homepage (PMSoftware)