Users login

Create an account »


Users login

Home » Hacking News » Netwin Webnews.exe vulnerability

Netwin Webnews.exe vulnerability

by Nikola Strahija on February 19th, 2002 Netwin's WebNews contains a remotely exploitable buffer overrun that allows the execution of arbitrary code. Systems Affected: IIS4 & IIS5 on Windows NT/2000 Severity: High Risk

WebNEWS is a server side application (cgi) which provides users with web
based access to Internet News Groups. It is compatible with any standard
NNTP (Network News) server system. WebNews allows news groups to be
displayed, accessed and searched via a web-based interface. WebNews may be
used to provide a web based news service, similar to the popular Deja News
Services. Providing Web access to news gives users access to their news from
anywhere on the net. All they need is a web browser.

Webnews.exe is the main executable that provides the program's
functionality. The buffer overflow problem manifests itself when an overly
long string (c. 1500 bytes) is supplied in the group parameter of the query
string when the server receives a vaild "utoken". The "utoken" is the user
token supplied by the server for a given session.

In terms of an attack, any code executed will run in the security context of
the low privileged account used by IIS to service such requests so won't
have full control over the system. That said, it is imperative that this be
addressed as it allows an attacker greater access to the vulnerable system
and other machines behind the firewall on the same DMZ.

Fix Information
NGSSoftware alerted Netwin to these problems on the 11th of February who
responded quickly with a patch. This patch was made available on the 14th
February 2002, and can be downloaded from

A check for this issue has been added to Typhon II, of which more
information is available from the NGSSoftware website,

Further Information
For further information about the scope and effects of buffer overflows,
please see

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »