Each one of the eZ software packages is shipped with an application file which runs as part of the core system, 'eZnet.exe'. It acts as a simple HTTP server listening on port 80/tcp for connections from one of the eZ software packages. Once it receives a request, it will return a string of data which the client can use to help negotiate a session with the remote eZ user. There appears to be a serious issue with the way in which the eZnet application parses requests. A stack-based buffer overflow problem seems to arise when... Enjoy IT!