source: wwwsecurityfocuscom/bid/898/info
w3-msql is a cgi-program shipped with Mini-SQL which acts as a web interface for msql There are a number of buffer overflow vulnerabilities in it with one proven to be exploitable The exploitable buffer is the content-length field and the stack is overflowed inside of a scanf() call As a result, ...