• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WN Server Malformed GET Request Buffer Overflow Vulnerability

WN Server is prone to a remotely exploitable buffer overflow. This is due to insufficient bounds checking of data received in HTTP GET requests. It is possible to send an overly long request to the server and cause process memory to be corrupted with attacker-supplied data.

This condition may be exploited to execute arbitrary code with the privileges of the webserver process.

This issue is reported to be present in WN Server version 1.18.2 through 2.0.0. It is possible that other versions may also be affected by this vulnerability.