Avirt Soho Web Service HTTP GET Buffer Overrun Vulnerability
BID:9723
Info
Avirt Soho Web Service HTTP GET Buffer Overrun Vulnerability
| Bugtraq ID: | 9723 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2004-0316 CVE-1999-1330 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 23 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Discovery is credited to "Donato Ferrante" <[email protected]>. |
| Vulnerable: |
Avirt SOHO 4.3 |
| Not Vulnerable: | |
Discussion
Avirt Soho Web Service HTTP GET Buffer Overrun Vulnerability
Avirt Soho is prone to a remotely exploitable buffer overrun when handling HTTP GET requests of excessive length via the embedded web service component listening on TCP port 8080. This may crash the server or could allow for remote attackers to execute arbitrary code in the context of the server process.
This issue was reported in Avirt Soho 4.3. Other versions may also be affected.
Avirt Soho is prone to a remotely exploitable buffer overrun when handling HTTP GET requests of excessive length via the embedded web service component listening on TCP port 8080. This may crash the server or could allow for remote attackers to execute arbitrary code in the context of the server process.
This issue was reported in Avirt Soho 4.3. Other versions may also be affected.
Exploit / POC
Solution / Fix
References
Avirt Soho Web Service HTTP GET Buffer Overrun Vulnerability
References:
References:
- Avirt Homepage (Avirt)
- Multiple Remote Buffer Overflow in Avirt Soho 4.3 ("Donato Ferrante"
- Remote Buffer Overflow in Avirt Voice 4.0 ("Donato Ferrante"