ADA IMGSVR GET Request Buffer Overflow Vulnerability
BID:10046
Info
ADA IMGSVR GET Request Buffer Overflow Vulnerability
| Bugtraq ID: | 10046 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 05 2004 12:00AM |
| Updated: | Apr 05 2004 12:00AM |
| Credit: | Discovery of this issue is credited to Dr_insane. |
| Vulnerable: |
ADA ImgSvr 0.4 |
| Not Vulnerable: | |
Discussion
ADA IMGSVR GET Request Buffer Overflow Vulnerability
A vulnerability has been reported in ImgSvr that may allow a remote attacker to corrupt local process memory, potentially leading to arbitrary code execution. This issue is due to a failure of the application to properly validate the size of user supplied HTTP requests.
Successful exploitation would immediately produce a denial of service condition in the affected process. This issue may also be leveraged to execute code on the affected system within the security context of the user running the vulnerable process.
A vulnerability has been reported in ImgSvr that may allow a remote attacker to corrupt local process memory, potentially leading to arbitrary code execution. This issue is due to a failure of the application to properly validate the size of user supplied HTTP requests.
Successful exploitation would immediately produce a denial of service condition in the affected process. This issue may also be leveraged to execute code on the affected system within the security context of the user running the vulnerable process.
Exploit / POC
ADA IMGSVR GET Request Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
ADA IMGSVR GET Request Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
ADA IMGSVR GET Request Buffer Overflow Vulnerability
References:
References:
- ADA Image Server (ImgSvr) 0.4 Multiple vulnerabilities (Dr_insane)
- ImgSvr Home Page (ADA)