Buffer overflow in AspUpload 1.4.
fa59dbe8856f3c12f4968d4bc4ac6d59<HTML>
<HEAD>
<TITLE>Buffer overflow in AspUpload 1.4</TITLE>
</HEAD>
<BODY BGCOLOR="BLACK" TEXT="#FFDFBF" LINK="#C08010" VLINK="#C08010" ALINK="WHITE">
<FONT FACE="arial" SIZE="3">
<B>- Buffer overflow in AspUpload 1.4 -</B>
<BR><BR>
</FONT>
<FONT FACE="arial" SIZE="2">
There is a buffer overflow in AspUpload 1.4 from Persits Software. It's been verified on Windows 4.0 Server with IIS 3.0 and IIS 4.0. It's not unlikely that it also works on all previous versions of AspUpload. If you enter about 3800 characters or more in the filename box in your browser and click on the send button, AspUpload kills the inetinfo process on the server (that is, kills IIS).
</FONT>
<BR>
<FONT FACE="arial" SIZE="2">
<BR><BR>
<HR WIDTH="50%" ALIGN="CENTER" SIZE="1">
<CENTER><A HREF="http://www.bahnhof.se/~winnt/">[Home]</A> <A HREF="http://www.bahnhof.se/~winnt/advisories/index.html">[Security Advisories]</A> <A HREF="http://www.bahnhof.se/~winnt/toolbox/index.html">[The Toolbox]</A> <A HREF="http://www.bahnhof.se/~winnt/trashcan/index.html">[The Trashcan]</A></CENTER>
<P ALIGN=RIGHT>
<FONT FACE="arial" SIZE="1">
© 1999, Arne Vidström
</FONT>
</P>
</FONT>
</BODY>
</HTML>
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!