Advisory name : MyServer 0.6.2 math_sum.mscgi multiple vulnerabilities Release date : 29/07/2004 Application : MyServer 0.6.2 Platform : Windows (all) Severity : medium Author: dr_insane , dr_insane@pathfinder.gr
Description: MyServer is a free and easy to configure web server. MyServer is licensed under the GNU General Public License (GPL).MyServer is in continuous development and new features will be present in future releases. It is available for windows and linux platforms. MyServer's principal goal is to create a free and simple powerful server to allow everyone to transform his home PC in a server and be you own webmaster with few clicks and share information easily with all the world.
Some vulnerabilities have been identified in math_sum.mscgi that may allow a malicious user to conduct cross site scripting attacks or cause a buffer overflow.
Issue 1: math_sum.mscgi cross site scripting attacks
Input passed to parameters "a" and "b" in math_sum.mscgi isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.
A buffer overflow has been found in MyServer which can be exploited to compromise a vulnerable system. The vulnerability is caused due to boundary errors in "math_sum.mscgi". These can be exploited by supplying overly long, specially crafted input to either the "a" or "b" variables, which results in a buffer overflow.
