Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
From: Alfred Goldberg (agoldbergabsoluteitsolutions.com)
Date: Tue Jun 18 2002 - 11:59:54 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Vulnerability Summary
    Problem: The 4D 6.7 webserver has a buffer overflow condition.

    Threat: An attacker could make the webserver crash and possibly execute
    arbitrary code.

    Affected Software: 4D Webserver version 6.7.3 verified.

    Platform: Windows verified.

    Solution: Update to the version mentioned below.

    Vulnerability Description
    4D is unable to handle long HTTP requests. The result is a termination of
    the 4D application as the buffer is overflown.

    4D 6.8 seems to of addressed this problem.

    Additional Information
    4D was contacted 20020606 but returned no reply.

    This vulnerability was found and researched by
    Dumitru Vlad