Bugtraq in Japanese
Back to list
|
Post reply
[SIG^2 G-TEC] AN HTTPD ¤Î cmdIS.DLL ¤Ë Buffer Overflow ¤ÎÌäÂê¤òȯ¸«¤·¤Þ¤·¤¿
Apr 08 2005 09:06AM
chewkeong security org sg
SIG^2 Vulnerability Research Advisory
AN HTTPD ¤Î cmdIS.DLL ¤Ë Buffer Overflow ¤ÎÌäÂê¤òȯ¸«¤·¤Þ¤·¤¿
by Tan Chew Keong ¡¡¥¿¥ó¡¡¥Á¥å¡¼¡¡¥±¥ª¥ó
Release Date: 7 Apr 2005
³µÍ×
AN HTTPD ¤Ï Windows95/98/Me/NT/2000/XPÍѤΠHTTP ¥µ¡¼¥Ð¡ÊWeb¥µ¡¼¥Ð¡Ë¤Ç¤¹¡£ LAN¤Ë¤Ä¤Ê¤¬¤Ã¤Æ¤¤¤ëWindows ¥Þ¥·¥ó¤«¤é¥Û¡¼¥à¥Ú¡¼¥¸¤òÄ󶡤Ǥ¤ë¤«¡¢£Ó£Ó£É¡¿£Ã£Ç£É¤ò¥í¡¼¥«¥ë¤Ç¥Æ¥¹¥È¤¹
¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£¤Þ¤¿¡¢¥À¥¤¥¢¥ë¥¢¥Ã¥×Àܳ¤Ç¤â¥Û¡¼¥à¥Ú¡¼¥¸¤Îȯ¿®¤¬²Äǽ¤Ç
¤¹¡£ ¥Õ¥ê¡¼¥½¥Õ¥È¥¦¥§¥¢¤Ç¤¹¡£
AN HTTPD ¤Î cmdIS.DLL ¤Ë Buffer Overflow ¤ÎÌäÂê¤òȯ¸«¤·¤Þ¤·¤¿¡£°°Õ¤Î¤¢¤ë¹¶·â¼Ô¤Ï¡¢¤³¤ÎÌäÂê¤òÍøÍѤ· AN HTTPD ¤ò¼Â¹Ô¤¹¤ë¥æ¡¼¥¶¤Î¸¢¸Â¤ÇǤ°Õ¤Î¥³¡¼¥É¤ò¼Â¹Ô¤Ç¤¤ë²ÄǽÀ¤¬¤¢¤ê¤Þ¤¹¡£ ¥í¥°¤òµ¶Áõ¤Ç¤¤ëÀȼåÀ¤â¤¢¤ê¤Þ¤¹¡£ URL ¤ËºÙ¹©¤ò¹Ô¤¦¤³¤È¤Ç¡¢¥í¥°¤òµ¶Áõ¤Ç¤¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
ÌäÂê¤ò³Îǧ¤·¤¿¥Ð¡¼¥¸¥ç¥ó
AN HTTPD V1.42n on ±Ñ¸ìÈǤΠWin2K SP4 and WinXP SP2.
ÌäÂê
AN HTTPD ¤Ï Windows95/98/Me/NT/2000/XPÍѤΠHTTP ¥µ¡¼¥Ð¡ÊWeb¥µ¡¼¥Ð¡Ë¤Ç¤¹¡£ AN HTTPD V£±¡¥£´£² ¤Î cmdIS.DLL ¤Ë Buffer Overflow ¤ÎÌäÂê ¤¬¤¢¤ê¤Þ¤¹¡£cmdIS.DLL ¤Ç¡¡/cgi-bin/test.bat ¥Ð¥Ã¥Á¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤Ê¤µ¤¤¡¢HTTP Request Ãæ¤Ë°Û¾ïŤ¤ User-Agent ¤« Host ¤« Accept-Encoding ¤ò¼õ¤±¼è¤ë¤È¤¡¢Buffer Overflow ¤¬È¯À¸¤·¤Þ¤¹¡£ ÌäÂê¤Ï cmdIS.DLL ¤Î set ¥³¥Þ¥ó¥É¤Ë¤è¤Ã¤Æµ¯¤³¤µ¤ì¤ë¡£
¥í¥°¤òµ¶Áõ¤Ç¤¤ëÀȼåÀ¤â¤¢¤ê¤Þ¤¹¡£ URL¤ËºÙ¹©¤ò¹Ô¤¦¤³¤È¤Ç¡¢¥í¥°¤òµ¶Áõ¤Ç¤¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
Âкö
¤¤¤Þ¤¹¤°¥Õ¥¡¥¤¥ëcmdIS.dll ¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£
ȯ¸«¤ÈÊó¹ð¤Î·Ð°Þ
2005ǯ 03·î 06Æü - ÀȼåÀ¤Îȯ¸«¡£
2005ǯ 03·î 07Æü - ÀȼåÀ¤¬ÅŻҥ᡼¥ë¤Ç ÃæÅÄ ¾¼Íº¤µ¤ó¤ËÊó¹ð¡£
2005ǯ 03·î 12Æü - ºÆÅÙÅŻҥ᡼¥ë¤Ç ÃæÅÄ ¾¼Íº¤µ¤ó¤ËÊó¹ð¡£
2005ǯ 03·î 20Æü - ºÆÅÙÅŻҥ᡼¥ë¤Ç ÃæÅÄ ¾¼Íº¤µ¤ó¤ËÊó¹ð¡£
2005ǯ 04·î 05Æü - ºÆÅÙÅŻҥ᡼¥ë¤Ç ÃæÅÄ ¾¼Íº¤µ¤ó¤ËÊó¹ð¡£
2005ǯ 04·î 07Æü - ÃæÅÄ ¾¼Íº¤µ¤ó¤«¤éÅŻҥ᡼¥ë¤ò¼õ¤±¼è¤é¤ì¤¿¡£
2005ǯ 04·î 07Æü - ËÜÀȼåÀ¤Î¸ø³«¡£
GREETINGS
All guys at SIG^2 G-TEC Lab
http://www.security.org.sg/webdocs/g-tec.html
"IT Security...the Gathering. By enthusiasts for enthusiasts."
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
SIG^2 Vulnerability Research Advisory
AN HTTPD ¤Î cmdIS.DLL ¤Ë Buffer Overflow ¤ÎÌäÂê¤òȯ¸«¤·¤Þ¤·¤¿
by Tan Chew Keong ¡¡¥¿¥ó¡¡¥Á¥å¡¼¡¡¥±¥ª¥ó
Release Date: 7 Apr 2005
³µÍ×
AN HTTPD ¤Ï Windows95/98/Me/NT/2000/XPÍѤΠHTTP ¥µ¡¼¥Ð¡ÊWeb¥µ¡¼¥Ð¡Ë¤Ç¤¹¡£ LAN¤Ë¤Ä¤Ê¤¬¤Ã¤Æ¤¤¤ëWindows ¥Þ¥·¥ó¤«¤é¥Û¡¼¥à¥Ú¡¼¥¸¤òÄ󶡤Ǥ¤ë¤«¡¢£Ó£Ó£É¡¿£Ã£Ç£É¤ò¥í¡¼¥«¥ë¤Ç¥Æ¥¹¥È¤¹
¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£¤Þ¤¿¡¢¥À¥¤¥¢¥ë¥¢¥Ã¥×Àܳ¤Ç¤â¥Û¡¼¥à¥Ú¡¼¥¸¤Îȯ¿®¤¬²Äǽ¤Ç
¤¹¡£ ¥Õ¥ê¡¼¥½¥Õ¥È¥¦¥§¥¢¤Ç¤¹¡£
AN HTTPD ¤Î cmdIS.DLL ¤Ë Buffer Overflow ¤ÎÌäÂê¤òȯ¸«¤·¤Þ¤·¤¿¡£°°Õ¤Î¤¢¤ë¹¶·â¼Ô¤Ï¡¢¤³¤ÎÌäÂê¤òÍøÍѤ· AN HTTPD ¤ò¼Â¹Ô¤¹¤ë¥æ¡¼¥¶¤Î¸¢¸Â¤ÇǤ°Õ¤Î¥³¡¼¥É¤ò¼Â¹Ô¤Ç¤¤ë²ÄǽÀ¤¬¤¢¤ê¤Þ¤¹¡£ ¥í¥°¤òµ¶Áõ¤Ç¤¤ëÀȼåÀ¤â¤¢¤ê¤Þ¤¹¡£ URL ¤ËºÙ¹©¤ò¹Ô¤¦¤³¤È¤Ç¡¢¥í¥°¤òµ¶Áõ¤Ç¤¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
ÌäÂê¤ò³Îǧ¤·¤¿¥Ð¡¼¥¸¥ç¥ó
AN HTTPD V1.42n on ±Ñ¸ìÈǤΠWin2K SP4 and WinXP SP2.
ÌäÂê
AN HTTPD ¤Ï Windows95/98/Me/NT/2000/XPÍѤΠHTTP ¥µ¡¼¥Ð¡ÊWeb¥µ¡¼¥Ð¡Ë¤Ç¤¹¡£ AN HTTPD V£±¡¥£´£² ¤Î cmdIS.DLL ¤Ë Buffer Overflow ¤ÎÌäÂê ¤¬¤¢¤ê¤Þ¤¹¡£cmdIS.DLL ¤Ç¡¡/cgi-bin/test.bat ¥Ð¥Ã¥Á¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤Ê¤µ¤¤¡¢HTTP Request Ãæ¤Ë°Û¾ïŤ¤ User-Agent ¤« Host ¤« Accept-Encoding ¤ò¼õ¤±¼è¤ë¤È¤¡¢Buffer Overflow ¤¬È¯À¸¤·¤Þ¤¹¡£ ÌäÂê¤Ï cmdIS.DLL ¤Î set ¥³¥Þ¥ó¥É¤Ë¤è¤Ã¤Æµ¯¤³¤µ¤ì¤ë¡£
¥í¥°¤òµ¶Áõ¤Ç¤¤ëÀȼåÀ¤â¤¢¤ê¤Þ¤¹¡£ URL¤ËºÙ¹©¤ò¹Ô¤¦¤³¤È¤Ç¡¢¥í¥°¤òµ¶Áõ¤Ç¤¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
Âкö
¤¤¤Þ¤¹¤°¥Õ¥¡¥¤¥ëcmdIS.dll ¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£
ȯ¸«¤ÈÊó¹ð¤Î·Ð°Þ
2005ǯ 03·î 06Æü - ÀȼåÀ¤Îȯ¸«¡£
2005ǯ 03·î 07Æü - ÀȼåÀ¤¬ÅŻҥ᡼¥ë¤Ç ÃæÅÄ ¾¼Íº¤µ¤ó¤ËÊó¹ð¡£
2005ǯ 03·î 12Æü - ºÆÅÙÅŻҥ᡼¥ë¤Ç ÃæÅÄ ¾¼Íº¤µ¤ó¤ËÊó¹ð¡£
2005ǯ 03·î 20Æü - ºÆÅÙÅŻҥ᡼¥ë¤Ç ÃæÅÄ ¾¼Íº¤µ¤ó¤ËÊó¹ð¡£
2005ǯ 04·î 05Æü - ºÆÅÙÅŻҥ᡼¥ë¤Ç ÃæÅÄ ¾¼Íº¤µ¤ó¤ËÊó¹ð¡£
2005ǯ 04·î 07Æü - ÃæÅÄ ¾¼Íº¤µ¤ó¤«¤éÅŻҥ᡼¥ë¤ò¼õ¤±¼è¤é¤ì¤¿¡£
2005ǯ 04·î 07Æü - ËÜÀȼåÀ¤Î¸ø³«¡£
GREETINGS
All guys at SIG^2 G-TEC Lab
http://www.security.org.sg/webdocs/g-tec.html
"IT Security...the Gathering. By enthusiasts for enthusiasts."
[ reply ]