Analog ALIAS Buffer Overflow Vulnerability
BID:2377
Info
| Bugtraq ID: | 2377 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 13 2001 12:00AM |
| Updated: | Feb 13 2001 12:00AM |
| Credit: | This vulnerability was discovered and announced to Bugtraq by Stephen Turner <[email protected]> on February 16, 2001. |
| Vulnerable: | Stephen Turner Analog 4.90 beta2, Stephen Turner Analog 4.15 |
| Not Vulnerable: | |
Discussion
Analog is a freely available log analysis tool that provides advanced features. It was originally written by Stephen Turner.
As designed, the software lets a user remotely retrieve network statistics through CGI scripts and HTTP FORM methods. When queried, the CGI program invokes analog and outputs the statistics to a web page. Because the CGI program does not properly check its input and analog itself contains a buffer overflow, a remote user can supply an over-long ALIAS field to analog and overflow that buffer.
This makes it possible for a malicious user to remotely execute arbitrary code and run commands with the privileges of the httpd process.
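The root cause described above is an unchecked, over-long ALIAS value reaching a fixed-size buffer. As an added illustration that is not part of the advisory, of Analog, or of the CGI front end, the following C code shows the bounded handling the CGI side should apply: the value is measured against the buffer capacity and checked for control characters before it is copied, and an over-long value is rejected rather than passed through. ALIAS_MAX, the function names and the character rules are assumptions made for the example; the sample inputs are constructed.

```c
/* Added illustration, not Analog's or the CGI's own code: bounded handling
 * of a form-supplied ALIAS value before it reaches a fixed-size buffer.
 * ALIAS_MAX, the function names and the character rules are assumptions. */
#include <stdio.h>
#include <string.h>

#define ALIAS_MAX 64            /* assumed capacity for one ALIAS value */

/* Outcome of validating one ALIAS field. */
enum alias_status {
    ALIAS_OK = 0,
    ALIAS_EMPTY = 1,
    ALIAS_TOO_LONG = 2,
    ALIAS_BAD_CHAR = 3
};

/* Copy src into dst (capacity cap) only if it fits with its terminating NUL
 * and contains no control characters. Never reads past cap bytes of src and
 * never writes past dst[cap - 1], so an over-long value cannot overflow. */
enum alias_status copy_alias(char *dst, size_t cap, const char *src)
{
    size_t len = 0;
    /* Bounded length scan: stop at cap instead of trusting a NUL to appear. */
    while (len < cap && src[len] != '\0')
        len++;
    if (len == 0)
        return ALIAS_EMPTY;
    if (len >= cap)               /* cap bytes or more: no room for the NUL */
        return ALIAS_TOO_LONG;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c < 0x20 || c == 0x7f)   /* reject control characters */
            return ALIAS_BAD_CHAR;
    }
    memcpy(dst, src, len + 1);    /* len + 1 <= cap, includes the NUL */
    return ALIAS_OK;
}

/* What the CGI side should do with an ALIAS parameter: validate it into a
 * fixed buffer first and drop the request on failure. The unchecked pattern
 * the advisory describes would instead pass any length straight through. */
enum alias_status check_alias(const char *value)
{
    char buf[ALIAS_MAX];
    enum alias_status st = copy_alias(buf, sizeof buf, value);
    if (st != ALIAS_OK)
        fprintf(stderr, "ALIAS rejected (status %d)\n", (int)st);
    else
        printf("ALIAS accepted: %s\n", buf);
    return st;
}

/* Constructed over-long input (4095 'A's) must be rejected, not copied. */
int long_alias_is_rejected(void)
{
    char big[4096];
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    return check_alias(big) == ALIAS_TOO_LONG;
}

int main(void)
{
    check_alias("/old/path/* /new/path/*");   /* constructed, fits: accepted */
    long_alias_is_rejected();                  /* constructed, too long: rejected */
    return 0;
}
```

The length scan is itself bounded by the buffer capacity, so the check cannot be defeated by an input that is long enough to make an unbounded `strlen` expensive, and the copy happens only after the fit has been established; the same pattern applies to any other form field the CGI forwards to analog.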
Exploit / POC
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Solution:
Upgrades available:

Stephen Turner Analog 4.15
- Debian 2.2 alpha analog_4.01-1potato1_alpha.deb
  http://security.debian.org/dists/stable/updates/main/binary-alpha/analog_4.01-1potato1_alpha.deb
- Debian 2.2 arm analog_4.01-1potato1_arm.deb
  http://security.debian.org/dists/stable/updates/main/binary-arm/analog_4.01-1potato1_arm.deb
- Debian 2.2 i386 analog_4.01-1potato1_i386.deb
  http://security.debian.org/dists/stable/updates/main/binary-i386/analog_4.01-1potato1_i386.deb
- Debian 2.2 m68k analog_4.01-1potato1_m68k.deb
  http://security.debian.org/dists/stable/updates/main/binary-m68k/analog_4.01-1potato1_m68k.deb
- Debian 2.2 ppc analog_4.01-1potato1_powerpc.deb
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/analog_4.01-1potato1_powerpc.deb
- Debian 2.2 sparc analog_4.01-1potato1_sparc.deb
  http://security.debian.org/dists/stable/updates/main/binary-sparc/analog_4.01-1potato1_sparc.deb
- Stephen Turner Analog 4.16
  http://www.analog.cx/download.html
- TurboLinux TurboLinux 6.0.5 analog-4.16-2.i386.rpm
  ftp://ftp.turbolinux.com/pub/updates/6.0/security/analog-4.16-2.i386.rpm

Stephen Turner Analog 4.90 beta2
- Stephen Turner Analog 4.90beta3
  http://www.analog.cx/download.html
References
References: