ValiCert Enterprise Validation Authority forms.exe extension Overflow

2001-12-04T00:00:00
ID OSVDB:13218
Type osvdb
Reporter Phuzzy L0gic(phyz@nmrc.org), Cyberiad(cyberiad@nmrc.org)
Modified 2001-12-04T00:00:00

Description

Vulnerability Description

A remote overflow exists in ValiCert Enterprise Validation Authority. The forms.exe CGI program fails to validate the extension variable, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Solution Description

Upgrade to version 4.2.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

http://[victim]:13333/cgi-bin/forms.exe?extension={A x 995}&command=Add+Extension
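A log-review check for the request shape above, added here as an example and not part of the original advisory. It assumes Common Log Format access logs; the length limit is an assumed value (the advisory gives no buffer size), and the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: the advisory states only that a 995-character value triggers
# the overflow, not the buffer size. Choose a limit well below that.
MAX_EXTENSION_LEN = 128

# Request line inside a Common Log Format entry (assumed log format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def extension_lengths(target):
    """Return the decoded length of every 'extension' value sent to forms.exe."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/forms.exe"):
        return []
    # parse_qsl percent-decodes, so %41%41... is measured as the CGI would see it.
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    return [len(value) for key, value in pairs if key.lower() == "extension"]


def flag_oversized(lines, limit=MAX_EXTENSION_LEN):
    """Return (line_number, client, length) for each oversized extension value."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        for length in extension_lengths(match.group("target")):
            if length > limit:
                hits.append((number, line.split(" ", 1)[0], length))
    return hits


# Constructed sample log lines (documentation addresses, invented statuses).
STAMP = ' - - [04/Dec/2001:10:00:00 +0000] '
SAMPLE_LOG = [
    '192.0.2.10' + STAMP + '"GET /cgi-bin/forms.exe?extension=pdf&command=Add+Extension HTTP/1.0" 200 512',
    '192.0.2.66' + STAMP + '"GET /cgi-bin/forms.exe?extension=' + 'A' * 995 + '&command=Add+Extension HTTP/1.0" 500 0',
    '192.0.2.67' + STAMP + '"GET /CGI-BIN/FORMS.EXE?command=Add+Extension&extension=' + '%41' * 300 + ' HTTP/1.0" 500 0',
    '192.0.2.11' + STAMP + '"GET /index.html?extension=' + 'A' * 995 + ' HTTP/1.0" 404 0',
]

if __name__ == "__main__":
    for number, client, length in flag_oversized(SAMPLE_LOG):
        print(f"line {number}: {client} sent extension of {length} characters")
```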

References:

Security Tracker: 1002897
Related OSVDB ID: 13212
Related OSVDB ID: 13216
Related OSVDB ID: 13217
Related OSVDB ID: 13209
Related OSVDB ID: 13220
Related OSVDB ID: 13221
Related OSVDB ID: 13214
Related OSVDB ID: 13215
Related OSVDB ID: 13219
Related OSVDB ID: 13210
Related OSVDB ID: 13211
Related OSVDB ID: 13213
Related OSVDB ID: 13222
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=100749428517090&w=2
ISS X-Force ID: 7652
CVE-2001-0949
Bugtraq ID: 3631