mnoGoSearch UdmDocToTextBuf Buffer Overflow Vulnerability
BID:9667
Info
mnoGoSearch UdmDocToTextBuf Buffer Overflow Vulnerability
| Bugtraq ID: | 9667 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2004-0288 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 16 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Discovery of this vulnerability has been credited to Jedi/Sector One <[email protected]>. |
| Vulnerable: |
mnoGoSearch mnoGoSearch 3.2.15 mnoGoSearch mnoGoSearch 3.2.14 mnoGoSearch mnoGoSearch 3.2.13 mnoGoSearch mnoGoSearch 3.2.10 mnoGoSearch mnoGoSearch 3.1.20 mnoGoSearch mnoGoSearch 3.1.19 |
| Not Vulnerable: | |
Discussion
mnoGoSearch UdmDocToTextBuf Buffer Overflow Vulnerability
mnoGoSearch is multi-platform web search engine software for Intranet and Internet servers.
The function UdmDocToTextBuf() used to concatenate data sections has been reported prone to a buffer overflow condition. The issue exists due to a lack of sufficient boundary checks performed before copying concatenated data into a reserved stack based buffer.
An attacker may exploit this vulnerability to potentially execute attacker-supplied instructions in the context of the vulnerable mnoGoSearch server.
mnoGoSearch is multi-platform web search engine software for Intranet and Internet servers.
The function UdmDocToTextBuf() used to concatenate data sections has been reported prone to a buffer overflow condition. The issue exists due to a lack of sufficient boundary checks performed before copying concatenated data into a reserved stack based buffer.
An attacker may exploit this vulnerability to potentially execute attacker-supplied instructions in the context of the vulnerable mnoGoSearch server.
Exploit / POC
mnoGoSearch UdmDocToTextBuf Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
mnoGoSearch UdmDocToTextBuf Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
mnoGoSearch UdmDocToTextBuf Buffer Overflow Vulnerability
References:
References:
- mnoGoSearch Homepage (mnoGoSearch)
- Buffer overflow in mnoGoSearch (Jedi/Sector One