webfs Remote Request-URI Overflow

2003-06-19T00:00:00
ID OSVDB:6683
Type osvdb
Reporter OSVDB
Modified 2003-06-19T00:00:00

Description

Vulnerability Description

A remote overflow exists in webfs. The webfs server fails to check the length of the Request-URI parameter resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary commands resulting in a loss of integrity.

Solution Description

Upgrade to version 1.19 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in webfs. The webfs server fails to check the length of the Request-URI parameter resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary commands resulting in a loss of integrity.

References:

Vendor URL: http://linux.bytesex.org/misc/webfs.html Vendor Specific Advisory URL Secunia Advisory ID:9080 CVE-2003-0445 Bugtraq ID: 7990