StarOffice StarScheduler Remote Buffer Overflow Vulnerability
BID:1039
Info
StarOffice StarScheduler Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 1039 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 09 2000 12:00AM |
| Updated: | Mar 09 2000 12:00AM |
| Credit: | First posted to BugTraq by Vanja Hrustic <[email protected]> on March 9, 2000. |
| Vulnerable: |
Sun StarOffice 5.1 |
| Not Vulnerable: | |
Discussion
StarOffice StarScheduler Remote Buffer Overflow Vulnerability
StarOffice is a desktop office suite offered by Sun Microsystems. StarScheduler is a groupware server that ships with StarOffice and includes a webserver vulnerable to a remote buffer overflow attack. By default, the webserver runs as root and listens on port 801. When a GET request is made with a parameter longer than its predefined length, the stack will be overrun and the flow of execution altered. It is possible to overwrite the return address on the stack and have arbitrary code executed as root on the target host.
The consequence of this vulnerability being exploited is a remote root compromise.
StarOffice is a desktop office suite offered by Sun Microsystems. StarScheduler is a groupware server that ships with StarOffice and includes a webserver vulnerable to a remote buffer overflow attack. By default, the webserver runs as root and listens on port 801. When a GET request is made with a parameter longer than its predefined length, the stack will be overrun and the flow of execution altered. It is possible to overwrite the return address on the stack and have arbitrary code executed as root on the target host.
The consequence of this vulnerability being exploited is a remote root compromise.
Exploit / POC
StarOffice StarScheduler Remote Buffer Overflow Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
StarOffice StarScheduler Remote Buffer Overflow Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
StarOffice StarScheduler Remote Buffer Overflow Vulnerability
References:
References: