• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WinEggDropShell Multiple Remote Buffer Overflow Vulnerabilities

WinEggDropShell is affected by multiple remote buffer overflow vulnerabilities.

A remote buffer overflow vulnerability affecting the HTTP server arises when a GET request is provided with excessive data.

Two remote buffer overflow vulnerabilities affecting the FTP server arise when the FTP commands are provided with excessively long arguments.

An unauthenticated attacker may leverage these issues to execute arbitrary code on a computer with the privileges of the server process. This may facilitate unauthorized access and a complete compromise.

WinEggDropShell 1.7 is reportedly vulnerable, however, other versions are likely affected as well.