ESRI ArcSDE Server Stack Buffer Overflow Vulnerability

Bugtraq ID:	23175
Class:	Boundary Condition Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 28 2007 12:00AM
Updated:	Jul 04 2007 10:47PM
Credit:	The vendor disclosed this issue.
Vulnerable:	ESRI ArcSDE 9.1 ESRI ArcSDE 9.0 ESRI ArcSDE 8.3
Not Vulnerable:

ESRI ArcSDE Server Stack Buffer Overflow Vulnerability

ESRI ArcSDE Server is prone to a stack-based buffer-overflow vulnerability.

An attacker can exploit this issue on an affected computer to execute code in the context of the affected application.

ESRI ArcSDE Server versions 8.3, 9.0, and 9.1 are vulnerable to this issue.

Note: This BID was initially written as a denial-of-service issue. It has been updated to a stack-based buffer-overflow issue because of new information.

ESRI ArcSDE Server Stack Buffer Overflow Vulnerability

The following exploit is available:

• /data/vulnerabilities/exploits/23175.c

ESRI ArcSDE Server Stack Buffer Overflow Vulnerability

Solution:
The vendor has released a fix for this issue; please see the references for more information.


ESRI ArcSDE 8.3

• ESRI ArcSDE 8.3 Security Patch
  http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.vie wPatch&PID=19&MetaID=1260

ESRI ArcSDE 9.1

• ESRI ArcSDE 9.1 Security Patch
  http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.vie wPatch&PID=19&MetaID=1262

ESRI ArcSDE 9.0

• ESRI ArcSDE 9.0 Security Patch
  http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.vie wPatch&PID=19&MetaID=1261

ESRI ArcSDE Server Stack Buffer Overflow Vulnerability

References:

• ArcSDE Homepage (ESRI)
  
• iDefense Security Advisory 04.04.07: ESRI ArcSDE Buffer Overflow Vulnerability (iDefense)
  
• ArcSDE 8.3 Three Tiered Connection Security Patch (ESRI)
  
• ArcSDE 9.0 Three Tiered Connection Security Patch (ESRI)
  
• ArcSDE 9.1 Three Tiered Connection Security Patch (ESRI)
  
• ESRI ArcSDE Buffer Overflow Vulnerability (iDefense Labs)