• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

T. Hauck Jana Server HTTP Server Request Logging Buffer Overflow Vulnerability

Jana Server is a server for Microsoft Windows based systems. In addition to performing a wide range of proxy server functions, it supports an HTTP server.

A buffer overflow vulnerability has been reported in the HTTP server. If an extremely long HTTP request is received, the server will crash when attempting to log the request. This has been reported to be the result of a buffer overflow condition.