Linksys WRT54G apply.cgi POST Request Overflow

2005-09-13T08:38:08
ID OSVDB:19389
Type osvdb
Reporter Greg MacManus
Modified 2005-09-13T08:38:08

Description

Vulnerability Description

A remote overflow exists in the Linksys Wireless-G Router WRT54G. The 'apply.cgi' script fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted HTTP POST request, a remote attacker can cause arbitrary code execution, resulting in a loss of integrity.

Solution Description

Upgrade to firmware 4.20.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.linksys.com/
Security Tracker: 1014894
Secunia Advisory ID: 16806
Related OSVDB ID: 19386
Related OSVDB ID: 19387
Related OSVDB ID: 19388
Related OSVDB ID: 19390
Other Advisory URL: http://www.idefense.com/application/poi/display?id=305&type=vulnerabilities
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0391.html
ISS X-Force ID: 22259
CVE-2005-2799
Bugtraq ID: 14822