what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

eSO-5063.txt

eSO-5063.txt
Posted May 22, 2002
Authored by Kevin Kotas | Site eSecurityOnline.com

eSO Security Advisory 5063 - The gettransbitmap CGI, which is part of the AnswerBook2 Documentation Server, contains a remote exploitable buffer overflow. This vulnerability affects Sun AnswerBook2 version 1.4, 1.4.1, 1.4.2 and 1.4.3.

tags | remote, overflow, cgi
SHA-256 | f192b1acbf3f1b88a8cd9bcd90d75cfc8be19e5bdf71d9fca9e2cdcf619082b2

eSO-5063.txt

Change Mirror Download
eSO Security Advisory:          5063
Discovery Date: March 1, 2002
ID: eSO:5063
Title: Sun AnswerBook2 gettransbitmap buffer
overflow vulnerability
Impact: Remote attackers can execute arbitrary
code.
Affected Technology: Sun AnswerBook2 1.4, 1.4.1, 1.4.2,
1.4.3
Vendor Status: Vendor notified.
Discovered By: Kevin Kotas of the eSecurityOnline
Research and Development Team
CVE Reference: CAN-2002-0360

Advisory Location:
http://www.eSecurityOnline.com/advisories/eSO5063.asp

Description:
Sun AnswerBook2 is vulnerable to a stack based buffer overflow
condition that can allow a remote attacker to execute arbitrary code.
The problem is due to the gettransbitmap CGI that comes with
AnswerBook2 not correctly performing bounds checking on the filename
argument. A remote attacker can create a request that will result in
arbitrary code execution with user daemon privileges.

Technical Recommendation:
Presently, there are no vendor patches available. As a workaround
solution, remove access to the gettransbitmap binary.

chmod 0000 <path to>/gettransbitmap

Otherwise, disable AnswerBook2.

© 2002 eSecurityOnline LLC. All rights reserved.

THE INFORMATION IN THIS VULNERABILITY ALERT IS PROVIDED BY
ESECURITYONLINE LLC "AS IS", "WHERE IS", WITH NO WARRANTY OF ANY KIND,
AND ESECURITYONLINE LLC HEREBY DISCLAIMS THE IMPLIED WARRANTIES OF
NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. ESECURITYONLINE LLC SHALL HAVE NO LIABILITY FOR ANY DAMAGE,
CLAIM OR LOSS RESULTING FROM YOUR USE OF THE INFORMATION CONTAINED IN
THIS VULNERABILITY ALERT.
Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close