LISTSERV contains multiple buffer overflow vulnerabilities in the WA CGI script

Overview

Several buffer overflow vulnerabilities have been discovered in LISTSERV. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system.

Description

L-Soft’s LISTSERV is an email list management software package. It includes a Web Archive and Administration (WA) interface that allows users to browse and search list archives, and list owners and site maintainers to perform a number of management tasks. Several buffer overflow errors were discovered in the WA CGI component. These vulnerabilities are reported to affect LISTSERV versions 14.3 and 14.4, including LISTSERV Lite and HPO on all supported platforms. The specific nature of the underlying vulnerabilities is unknown at this time, however the reporter has stated that additional technical details will be publicly released on 2006-06-03.

---

Impact

A remote attacker may be able to execute code of their choosing with the permissions of the WA CGI program.

---

Solution

Upgrade

L-Soft has released version 14.5 of LISTSERV and LISTSERV Lite that contains a fix for these vulnerabilities. For more information please see the “WA Security Alert” featured in the software release notes. Users of these products are strongly urged to upgrade to this fixed version of the software.

---

Vendor Information

Javascript is disabled. Click here to view vendors.

CVSS Metrics

Group	Score	Vector
Base
Temporal
Environmental

References

• <http://www.ngssoftware.com/advisories/listserv_3.txt&gt;
• <http://secunia.com/advisories/19106/&gt;
• <http://www.lsoft.com/manuals/1.8e/relnotes/LISTSERV14.5-Release-Notes.html#wasecurityalert&gt;

Acknowledgements

Peter Winter-Smith of Next Generation Security Software Research reported this vulnerability.

This document was written by Chad R Dougherty.

Other Information

CVE IDs:	CVE-2006-1044
Severity Metric:	18.28 Date Public: