Acunetix Web Scanner HTTP Sniffer Overflow DoS

2005-08-07T03:46:32
ID OSVDB:18665
Type osvdb
Reporter Eric Basher(basher13@linuxmail.org)
Modified 2005-08-07T03:46:32

Description

Vulnerability Description

A remote overflow exists in Acunetix Web Vulnerability Scanner. The 'Sniffer' component fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause the application to crash resulting in a loss of availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A remote overflow exists in Acunetix Web Vulnerability Scanner. The 'Sniffer' component fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause the application to crash resulting in a loss of availability.

References:

Vendor URL: http://www.acunetix.com/ Security Tracker: 1014628 ISS X-Force ID: 21739 Generic Exploit URL: http://www.securiteam.com/windowsntfocus/5GP0120GKS.html Bugtraq ID: 14488