WebSite 1.1 for Windows NT winsample buffer overflow

http-website-winsample (295) The risk level is classified as HighHigh Risk

Description:

The win-c-sample.exe program, installed by default in the cgi-shl directory of O'Reilly WebSite with the privileges of the user owning the server process.


Consequences:

Gain Access

Remedy:

Remove the Win-C-Sample.exe script from the cgi-shl or cgi-bin directory. There is no legitimate use for this script, and it has been removed from O'Reilly WebSite 2.0.

References:

  • O'Reilly Software Web site: O'Reilly Software: WebSite.
  • BID-2078: OReilly WebSite 1.x/2.0 win-c-sample.exe Buffer Overflow Vulnerability
  • CVE-1999-0178: Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string.
  • OSVDB ID: 8: O'Reilly WebSite win-c-sample Remote Overflow

Platforms Affected:

  • Apple Mac OS
  • Cisco IOS
  • Compaq Tru64
  • Data General DG/UX
  • HP HP-UX
  • IBM AIX
  • IBM OS2
  • Linux Kernel
  • Microsoft Windows 2000
  • Microsoft Windows 2003 Server
  • Microsoft Windows 95
  • Microsoft Windows 98
  • Microsoft Windows 98SE
  • Microsoft Windows Me
  • Microsoft Windows NT 4.0
  • Microsoft Windows XP
  • Novell NetWare
  • O'Reilly Software O'Reilly Website 2.0 and prior
  • SCO SCO Unix
  • SGI IRIX
  • Sun Solaris
  • Various vendors Common Gateway Interface (CGI)
  • Wind River BSDOS

Reported:

Jan 06, 1997

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page