NetDecision HTTP Server Stack-Based Buffer Overflow Vulnerability
BID:52194
Info
NetDecision HTTP Server Stack-Based Buffer Overflow Vulnerability
| Bugtraq ID: | 52194 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2012-1465 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 28 2012 12:00AM |
| Updated: | Mar 08 2015 04:04PM |
| Credit: | Prabhu S Angadi of SecPod Research Team |
| Vulnerable: |
NetMechanica NetDecision 4.5.1 |
| Not Vulnerable: |
NetMechanica NetDecision 4.6.1 |
Discussion
NetDecision HTTP Server Stack-Based Buffer Overflow Vulnerability
NetDecision is prone to a stack-based buffer-overflow vulnerability.
Successful exploits of the buffer-overflow issue may lead to the execution of arbitrary code in the context of the application or to denial-of-service conditions.
NetDecision 4.5.1 is vulnerable; other versions may also be affected.
NetDecision is prone to a stack-based buffer-overflow vulnerability.
Successful exploits of the buffer-overflow issue may lead to the execution of arbitrary code in the context of the application or to denial-of-service conditions.
NetDecision 4.5.1 is vulnerable; other versions may also be affected.
Exploit / POC
NetDecision HTTP Server Stack-Based Buffer Overflow Vulnerability
The following proof-of-concept and exploit are available:
The following proof-of-concept and exploit are available:
Solution / Fix
NetDecision HTTP Server Stack-Based Buffer Overflow Vulnerability
Solution:
Vendor updates are available. Please see the references for more information.
Solution:
Vendor updates are available. Please see the references for more information.
References
NetDecision HTTP Server Stack-Based Buffer Overflow Vulnerability
References:
References:
- NetDecision 4.6.1 is released (maintenance) (NetMechanica)
- NetDecision Homepage (NetMechanica)
- Netmechanica NetDecision HTTP Server Denial Of Service Vulnerability (SecPod Research)