Avirt Gateway/Gateway Suite/SOHO Telnet Proxy Overflow

2002-01-18T00:00:00
ID OSVDB:6805
Type osvdb
Reporter Strumpf Noir Society(vuln-dev@labs.secureance.com), Riley Hassell(riley@eeye.com)
Modified 2002-01-18T00:00:00

Description

Vulnerability Description

A remote overflow exists in Avirt Gateway, Avirt Gateway Suite and Avirt SOHO. The telnet proxy fails to check bounds of user-supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service or execute arbitrary code, resulting in a loss of integrity and/or availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A remote overflow exists in Avirt Gateway, Avirt Gateway Suite and Avirt SOHO. The telnet proxy fails to check bounds of user-supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service or execute arbitrary code, resulting in a loss of integrity and/or availability.

References:

Related OSVDB ID: 6804 Packet Storm: http://packetstormsecurity.org/advisories/misc/avirt.42.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-01/0237.html ISS X-Force ID: 7918 Generic Exploit URL: http://archives.neohapsis.com/archives/bugtraq/2002-02/0141.html CVE-2002-0133 Bugtraq ID: 3905