Signature Detail

Short Name	SCAN:MISC:HTTP:WIN-C-SAMPLE
Severity	Info
Recommended	No
Category	SCAN
Keywords	OReilly WebSite win-c-sample.exe Probe
Release Date	2005/02/22
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SCAN: OReilly WebSite win-c-sample.exe Probe

This signature detects attempts to access a sample script (win-c-sample.exe) that shipped with O'Reilly Web Site. This sample script is vulnerable to buffer overflows and is a common target of Web scanners.

Extended Description

O'Reilly WebSite (Pro) is a Windows 95/NT Web Server package. Versions 2.0 and below contained a vulnerable sample script, win-c-sample.exe, placed by default in /cgi-shl/ off the web root directory. This program is vulnerable to a buffer overflow, allowing for execution of arbitrary commands on the host machine with the privileges of the web server. Consequences of successful exploitation could range from destruction of data and web site defacement to elevation of privileges through locally exploitable vulnerabilities.

Affected Products

OReilly Software WebSite 1.0.0
OReilly Software WebSite 1.1.0
OReilly Software WebSite Professional 1.1.0 b
OReilly Software WebSite Professional 1.1.0 c
OReilly Software WebSite Professional 2.0.0

References

BugTraq: 2078
CVE: CVE-1999-0178
URL: http://www.safety-lab.com/audits/showauditinfo.pl?lang=en&num=2241
URL: http://www.insecure.org/sploits/website.windows.1.1e.html

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

SCAN: OReilly WebSite win-c-sample.exe Probe

Extended Description

Affected Products

References