NetworkActiv Web Server Buffer Overflow Vulnerability in Username Field Allowing Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in NetworkActiv Web Server version 4.0 Pre-Alpha-3.7.2. The issue resides in the username field within the Security options, where local attackers can crash the application by inputting an excessively long string. This crafted username, exceeding the expected buffer size, can be delivered through the 'Set username' interface, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes the application to crash, creating a denial-of-service situation.

Reproduction

To reproduce this vulnerability, first run the provided Python script to generate a buffer overflow payload. This payload should be approximately 11,250 bytes of repeated 'A' characters, which exceeds the buffer size expected by the application. After generating the payload, copy it to the clipboard. Then, open NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 and navigate to the Security options. Select 'Set username' and paste the clipboard content into the 'New Value' field. After setting a password, the application will crash, demonstrating the denial-of-service condition.
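The length check that a field like this needs before any copy takes place, as an added example: this is not NetworkActiv's code, whose internals the page does not describe. `set_username`, `struct credentials` and `USERNAME_MAX` are hypothetical names, and the 64-byte limit is an assumption, since the page does not state the real buffer size.

```c
#include <stddef.h>
#include <string.h>

/* Assumed limit: the advisory does not give the application's buffer size. */
#define USERNAME_MAX 64

enum set_result { SET_OK = 0, SET_EMPTY, SET_TOO_LONG, SET_BAD_CHAR };

struct credentials {
    char username[USERNAME_MAX + 1];    /* +1 for the terminating NUL */
};

/*
 * Validate 'input' (input_len bytes, not necessarily NUL-terminated, as a
 * dialog or clipboard paste delivers it) and store it only if it fits.
 * Over-length input is rejected, never truncated: silently shortening a
 * credential would store a username the operator did not choose.
 */
enum set_result set_username(struct credentials *c,
                             const char *input, size_t input_len)
{
    if (input_len == 0)
        return SET_EMPTY;
    if (input_len > USERNAME_MAX)
        return SET_TOO_LONG;            /* decided before any byte is copied */
    for (size_t i = 0; i < input_len; i++) {
        unsigned char ch = (unsigned char)input[i];
        if (ch < 0x20 || ch == 0x7f)    /* control bytes, including embedded NUL */
            return SET_BAD_CHAR;
    }
    memcpy(c->username, input, input_len);
    c->username[input_len] = '\0';
    return SET_OK;
}

int main(void)
{
    static char pasted[11250];          /* constructed input, size from the advisory */
    struct credentials c = { "" };
    memset(pasted, 'A', sizeof pasted);
    /* Exit status 0 means the oversized value was refused without a crash. */
    return set_username(&c, pasted, sizeof pasted) == SET_TOO_LONG ? 0 : 1;
}
```

Returning a distinct error code lets the settings dialog report the rejection to the operator while the previously stored username stays intact.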

Added: Mar 30, 2026, 12:21 PM
Updated: Mar 30, 2026, 12:21 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.6
remediation: 0.0
relevance: 4.9
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.