4D WebStar Tomcat Plugin Remote Buffer Overflow Vulnerability
BID:13538
Info
4D WebStar Tomcat Plugin Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 13538 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-1507 |
| Remote: | Yes |
| Local: | No |
| Published: | May 06 2005 12:00AM |
| Updated: | Jul 12 2009 02:06PM |
| Credit: | Discovery is credited to Braden Thomas <[email protected]>. |
| Vulnerable: |
4D WebSTAR 5.4 4D WebSTAR 5.3.3 |
| Not Vulnerable: | |
Discussion
4D WebStar Tomcat Plugin Remote Buffer Overflow Vulnerability
The Tomcat Plugin supplied with the HTTP server is reportedly prone to a remote buffer overflow vulnerability.
A successful attack can result in a crash or arbitrary code execution allowing the attacker to gain unauthorized access to the affected computer.
The Tomcat Plugin is enabled by default.
4D WebStar 5.3.3 and 5.4 were reported to be vulnerable.
The Tomcat Plugin supplied with the HTTP server is reportedly prone to a remote buffer overflow vulnerability.
A successful attack can result in a crash or arbitrary code execution allowing the attacker to gain unauthorized access to the affected computer.
The Tomcat Plugin is enabled by default.
4D WebStar 5.3.3 and 5.4 were reported to be vulnerable.
Exploit / POC
4D WebStar Tomcat Plugin Remote Buffer Overflow Vulnerability
Exploit code is available:
Exploit code is available:
Solution / Fix
4D WebStar Tomcat Plugin Remote Buffer Overflow Vulnerability
Solution:
The vendor has released a fix:
4D WebSTAR 5.3.3
4D WebSTAR 5.4
Solution:
The vendor has released a fix:
4D WebSTAR 5.3.3
4D WebSTAR 5.4
References
4D WebStar Tomcat Plugin Remote Buffer Overflow Vulnerability
References:
References:
- 4D WebSTAR Product Page (4D Inc.)