Subject: [w00giving '99 #13] ZBSoft's ZBServer 1.5 Pro Edition

Release Date: December 23, 1999

Systems/Versions Affected: ZBServer 1.5 Pro Edition (possibly others) for
Win98/NT)

About The Software:
ZBServer Pro Edition is a full-featured Internet server software
package that includes HTTP, Gopher, FTP, and Chat services.

THE PROBLEM

UssrLabs has found a remote buffer overflow in the code that handles
the GET command.  There is an unchecked buffer that will allow arbitrary
code to be executed if it is overflowed.


Do you do the w00w00?
This advisory also acts as part of w00giving. This is another contribution
to w00giving for all you w00nderful people out there. You do know what
w00giving is don't you? http://www.w00w00.org/advisories.html

Binary or source for this exploit:
http://www.ussrback.com/

Vendor Status: Notified with no response
Program URL: http://www.zbsoft.com/zbserver/index.htm

Credit: USSRLABS
Because the vendor doesn't release source code, wait for them to provide a
patch.

Greetings:
eEye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN, Technotronic, 
and Wiretrip

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h
http://www.ussrback.com