WebSTAR Tomcat Plugin URL Remote Overflow

2005-05-06T13:05:20
ID OSVDB:16154
Type osvdb
Reporter Braden Thomas (bjthomas@usc.edu)
Modified 2005-05-06T13:05:20

Description

Vulnerability Description

A remote overflow exists in 4D WebSTAR. The Tomcat plugin fails to validate URLs, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution or denial of service, resulting in a loss of integrity and/or availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

References:

Vendor URL: http://www.4d.com/
Secunia Advisory ID: 15278
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-05/0086.html
CVE-2005-1507
Bugtraq ID: 13538