WebObjects Remote Overflow Vulnerability
BID:1896
Info
WebObjects Remote Overflow Vulnerability
| Bugtraq ID: | 1896 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2000-0299 |
| Remote: | No |
| Local: | No |
| Published: | Apr 04 2000 12:00AM |
| Updated: | Jul 11 2009 03:56AM |
| Credit: | Reported to Bugtraq by Bruce Potter <[email protected]> on Tue Apr 04 2000 |
| Vulnerable: |
Apple WebObjects Developer NT4 IIS4.0 CGI-adapter 4.5 Developer |
| Not Vulnerable: | |
Discussion
WebObjects Remote Overflow Vulnerability
A denial-of-service vulnerability exists in Apple's WebObjects 4.5 Developer, a popular platform for developing web-based applications. The vulnerable version is Windows NT 4.0 SP5, when run in conjunction with the CGI-adapter and IIS 4.0.
An HTTP request sent with a long header (ie, over 4.1K), will crash webobjects.exe. This may also permit the attacker to remotely execute code with the privilege of IIS, but this has not been verified.
This vulnerability is reportedly present only in installations running under a development license. Those licensed for deployment are not affected.
A denial-of-service vulnerability exists in Apple's WebObjects 4.5 Developer, a popular platform for developing web-based applications. The vulnerable version is Windows NT 4.0 SP5, when run in conjunction with the CGI-adapter and IIS 4.0.
An HTTP request sent with a long header (ie, over 4.1K), will crash webobjects.exe. This may also permit the attacker to remotely execute code with the privilege of IIS, but this has not been verified.
This vulnerability is reportedly present only in installations running under a development license. Those licensed for deployment are not affected.
Exploit / POC
WebObjects Remote Overflow Vulnerability
POST /scripts/WebObjects.exe/EmptyProject HTTP/1.0
Accept: AAAAAAAAA.... (about 4.1K worth of A's)
Content-Length: 16
uselessdata=dork
POST /scripts/WebObjects.exe/EmptyProject HTTP/1.0
Accept: AAAAAAAAA.... (about 4.1K worth of A's)
Content-Length: 16
uselessdata=dork
Solution / Fix
WebObjects Remote Overflow Vulnerability
Solution:
This vulnerability is reportedly present only in installations running under a development license.
Those licensed for deployment are not affected.
Solution:
This vulnerability is reportedly present only in installations running under a development license.
Those licensed for deployment are not affected.