COMMAND

    NetXtray

SYSTEMS AFFECTED

    Win NT

PROBLEM

    David LeBlanc  posted following.   Something to  look out  for  in
    NetXRay 2.6  is that  there is  a buffer  overrun in the web-admin
    tool  -  feed  it  >  65  characters,  and it dies.  Screws up the
    service to where you'll need to  reboot to get it back.   It looks
    possible to write shell codet.

    Then if the admin goes and installs the thing all access (default)
    you  can  use  it  to  sniff  the  net  for a while, then root the
    machine!  Fun for the whole family!

SOLUTION

    Upgrades to  3.0 are  really cheap  (maybe free)  if you have 2.6.
    They _said_ they'd fix it in 3.0.