Orenosv HTTP/FTP Server CGISSI.EXE Remote Buffer Overflow Vulnerability
BID:13549
Info
Orenosv HTTP/FTP Server CGISSI.EXE Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 13549 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 09 2005 12:00AM |
| Updated: | May 09 2005 12:00AM |
| Credit: | Discovery is credited to Tan Chew Keong. |
| Vulnerable: |
Orenosv Orenosv HTTP/FTP Server 0.8.1 |
| Not Vulnerable: |
Orenosv Orenosv HTTP/FTP Server 0.8.1 a |
Discussion
Orenosv HTTP/FTP Server CGISSI.EXE Remote Buffer Overflow Vulnerability
Orenosv HTTP/FTP server is prone to a remote buffer overflow vulnerability that affects 'cgissi.exe'.
This issue presents itself when the application handles excessive values supplied through an SSI command name.
A successful attack can result in memory corruption and can be leveraged to cause a denial of service condition or arbitrary code execution. Arbitrary code execution can result in a remote compromise in the context of the server.
Orenosv HTTP/FTP Server 0.8.1 is reportedly vulnerable, however, other versions may be affected as well.
Orenosv HTTP/FTP server is prone to a remote buffer overflow vulnerability that affects 'cgissi.exe'.
This issue presents itself when the application handles excessive values supplied through an SSI command name.
A successful attack can result in memory corruption and can be leveraged to cause a denial of service condition or arbitrary code execution. Arbitrary code execution can result in a remote compromise in the context of the server.
Orenosv HTTP/FTP Server 0.8.1 is reportedly vulnerable, however, other versions may be affected as well.
Exploit / POC
Orenosv HTTP/FTP Server CGISSI.EXE Remote Buffer Overflow Vulnerability
A proof of concept example is available:
<!--#aaaaa... -->
Approx. 120 bytes of aaaaaa...
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
A proof of concept example is available:
<!--#aaaaa... -->
Approx. 120 bytes of aaaaaa...
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Orenosv HTTP/FTP Server CGISSI.EXE Remote Buffer Overflow Vulnerability
Solution:
The vendor has released Orenosv HTTP/FTP Server version 0.8.1a to address this issue. Patches are available.
Orenosv Orenosv HTTP/FTP Server 0.8.1
Solution:
The vendor has released Orenosv HTTP/FTP Server version 0.8.1a to address this issue. Patches are available.
Orenosv Orenosv HTTP/FTP Server 0.8.1
-
Orenosv orenosv081a-patch.zip
http://www.orenosv.com/pub/orenosv081a-patch.zip -
Orenosv orenosv081ai6-patch.zip
IPv6 patch.
http://www.orenosv.com/pub/orenosv081ai6-patch.zip
References
Orenosv HTTP/FTP Server CGISSI.EXE Remote Buffer Overflow Vulnerability
References:
References:
- Orenosv HTTP/FTP Server Buffer Overflow Vulnerabilities (Tan Chew Keong)
- Orenosv HTTP/FTP Server Homepage (Orenosv)