HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability
BID:10033
Info
HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability
| Bugtraq ID: | 10033 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 02 2004 12:00AM |
| Updated: | Apr 02 2004 12:00AM |
| Credit: | Discovery is this issue is credited to Dennis Rand. |
| Vulnerable: |
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 6 HAHT Commerce HAHTsite Scenario Server 5.1 Patch 5 HAHT Commerce HAHTsite Scenario Server 5.1 Patch 4 HAHT Commerce HAHTsite Scenario Server 5.1 Patch 3 HAHT Commerce HAHTsite Scenario Server 5.1 Patch 2 HAHT Commerce HAHTsite Scenario Server 5.1 Patch 1 HAHT Commerce HAHTsite Scenario Server 5.1 |
| Not Vulnerable: | |
Discussion
HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability
HAHTsite Scenario Server is reported to be prone to a remotely exploitable buffer overrun vulnerability.
The issue may be triggered by submitting an HTTP GET request to the vulnerable server component that specifies overly long project file name parameters. hsrun.exe is name of the vulnerable component on Microsoft Windows platforms. This could be exploited to execute arbitrary code in the context of the server.
This issue is reported to affect HAHTsite Scenario Server 5.1 on Windows, Solaris and Linux platforms. The name of the vulnerable component will likely be different depending on the hosting platform.
HAHTsite Scenario Server is reported to be prone to a remotely exploitable buffer overrun vulnerability.
The issue may be triggered by submitting an HTTP GET request to the vulnerable server component that specifies overly long project file name parameters. hsrun.exe is name of the vulnerable component on Microsoft Windows platforms. This could be exploited to execute arbitrary code in the context of the server.
This issue is reported to affect HAHTsite Scenario Server 5.1 on Windows, Solaris and Linux platforms. The name of the vulnerable component will likely be different depending on the hosting platform.
Exploit / POC
HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability
The researcher who discovered this issue has claimed to have developed working exploit code, which is not publicly available or known to be circulating in the wild.
The researcher who discovered this issue has claimed to have developed working exploit code, which is not publicly available or known to be circulating in the wild.
Solution / Fix
HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability
Solution:
HAHTsite has released a downloadable patch for Windows platforms.
Users of the software on Solaris and Linux platforms should inquire about fixes from HAHT Technical Support via the following e-mail address:
[email protected]
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 6
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 3
HAHT Commerce HAHTsite Scenario Server 5.1
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 2
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 5
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 1
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 4
Solution:
HAHTsite has released a downloadable patch for Windows platforms.
Users of the software on Solaris and Linux platforms should inquire about fixes from HAHT Technical Support via the following e-mail address:
[email protected]
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 6
-
HAHT Commerce ox79989_buffer_overrun_fix.zip
Windows Fix.
ftp://ftp.haht.com/private/support/fixes/5.1/build91/ox79989_buffer_ov errun_fix.zip
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 3
-
HAHT Commerce ox79989_buffer_overrun_fix.zip
Windows Fix.
ftp://ftp.haht.com/private/support/fixes/5.1/build91/ox79989_buffer_ov errun_fix.zip
HAHT Commerce HAHTsite Scenario Server 5.1
-
HAHT Commerce ox79989_buffer_overrun_fix.zip
Windows Fix.
ftp://ftp.haht.com/private/support/fixes/5.1/build91/ox79989_buffer_ov errun_fix.zip
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 2
-
HAHT Commerce ox79989_buffer_overrun_fix.zip
Windows Fix.
ftp://ftp.haht.com/private/support/fixes/5.1/build91/ox79989_buffer_ov errun_fix.zip
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 5
-
HAHT Commerce ox79989_buffer_overrun_fix.zip
Windows Fix.
ftp://ftp.haht.com/private/support/fixes/5.1/build91/ox79989_buffer_ov errun_fix.zip
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 1
-
HAHT Commerce ox79989_buffer_overrun_fix.zip
Windows Fix.
ftp://ftp.haht.com/private/support/fixes/5.1/build91/ox79989_buffer_ov errun_fix.zip
HAHT Commerce HAHTsite Scenario Server 5.1 Patch 4
-
HAHT Commerce ox79989_buffer_overrun_fix.zip
Windows Fix.
ftp://ftp.haht.com/private/support/fixes/5.1/build91/ox79989_buffer_ov errun_fix.zip
References
HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability
References:
References:
- HAHT Commerce Homepage (HAHT Commerce)