Moby NetSuite 1.0/1.2 POST Handler Buffer Overflow Vulnerability

2014-07-01T00:00:00
ID SSV:75866
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/6277/info

A buffer overflow vulnerability has been reported for Moby NetSuite that may result in a denial of service condition. Reportedly, it is possible to cause NetSuite to crash when a malformed POST request is received. 

An attacker can exploit this vulnerability by issuing a malformed POST request. When NetSuite attempts to service the malformed POST request, it will crash resulting in a denial of service. Restarting the service is neccessary to restore functionality.

POST /cgi-bin/test.cgi HTTP/1.0
Content-Length: 111111111111111111111111111