Mediahouse Statistics Server LiveStats Buffer Overflow Vulnerability
BID:1568
Info
Mediahouse Statistics Server LiveStats Buffer Overflow Vulnerability
| Bugtraq ID: | 1568 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Aug 10 2000 12:00AM |
| Updated: | Aug 10 2000 12:00AM |
| Credit: | Discovered by Nemo <[email protected]> and |Zan <[email protected]> on August 10, 2000. |
| Vulnerable: |
MediaHouse Software Statistics Server LiveStats 5.2 |
| Not Vulnerable: | |
Discussion
Mediahouse Statistics Server LiveStats Buffer Overflow Vulnerability
Mediahouse Statistics Server LiveStats is susceptible to a buffer overflow attack if a URL in a GET request contains over 2030 bytes. Depending on the data inserted into the request, the application will crash or can be forced to execute arbitrary code.
Mediahouse Statistics Server LiveStats is susceptible to a buffer overflow attack if a URL in a GET request contains over 2030 bytes. Depending on the data inserted into the request, the application will crash or can be forced to execute arbitrary code.
Exploit / POC
Mediahouse Statistics Server LiveStats Buffer Overflow Vulnerability
Nemo <[email protected]> and |Zan <[email protected]> have released the following exploit:
Nemo <[email protected]> and |Zan <[email protected]> have released the following exploit:
Solution / Fix
Mediahouse Statistics Server LiveStats Buffer Overflow Vulnerability
Solution:
Mediahouse has released the following upgrade:
MediaHouse Software Statistics Server LiveStats 5.2
Solution:
Mediahouse has released the following upgrade:
MediaHouse Software Statistics Server LiveStats 5.2
References
Mediahouse Statistics Server LiveStats Buffer Overflow Vulnerability
References:
References:
- Statistics Server 5.02x overflow (DeepZone)
- Statistics Server LiveStats Product Homepage (Mediahouse)