|
saw this piece of security alert. thought the list
will be interested to know
Remote Buffer
Overrun in Witango Application Server
NGSSoftware discovered that a buffer-overrun condition in Witango and Tango 2000 Application Server can result in remote compromise of the vulnerable host. If a malicious user passes a long cookie to Witango_UserReference, the saved return address is overwritten on the stack. Because Witango is installed as LocalSystem, any arbitrary code execution will run as SYSTEM. Witango has corrected this problem and recommends that affected customers download the latest build from its Web site. ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf |
- Re: Witango-Talk: Remote Buffer Overrun in Witang... Lance Koh
- Re: Witango-Talk: Remote Buffer Overrun in W... Witango Customer Support
