G-WAN suffers from multiple vulnerabilities. A buffer overflow issue exists in the routine handling URL encoding for the "csp" (so called G-WAN servlets) sub-directory. Exploiting the vulnerability results in remotely being able to execute shellcode on the system. SIGPIPE signals were not handled correctly. Exploiting the vulnerability resulted in denial of service.
4f748ec836979bd3edb6ddc3a547daf14847a2b5c909af7c91b8e935ac52e5bb
IIScat exploits the recent Microsoft Index Server vulnerability to read any file on the server.
b7c4b6e010dfdef10ec42ca86fdf3e1f5edf403060a1d669be6df35af0740e79