Signature Detail

HTTP: JanaServer HTTP Version Buffer Overflow

This signature detects attempts to exploit a known vulnerability against JanaServer HTTP Server, an Internet gateway for Windows. JanaServer 2.21 and prior are vulnerable. Attackers can send a maliciously crafted HTTP GET request to overflow the buffer.

Extended Description

Jana Server is a server for Microsoft Windows based systems. Jana Server provides a wide range of proxy servers, and a number of other services. A SMTP gateway service is provided. A buffer overflow vulnerability has been reported in the SMTP gateway service. A malicious server may return an oversized reply to Jana Server. This may result in the corruption of process memory, and the vulnerable server crashing.

Affected Products

• T. Hauck Jana Webserver 1.0.0
• T. Hauck Jana Webserver 1.45.0
• T. Hauck Jana Webserver 1.46.0
• T. Hauck Jana Webserver 2.0.0
• T. Hauck Jana Webserver 2.0.0 Beta1
• T. Hauck Jana Webserver 2.0.0 Beta2
• T. Hauck Jana Webserver 2.2.1

References

• BugTraq: 5324
• CVE: CVE-2002-1061
• URL: http://nvd.nist.gov/nvd.cfm?cvename=CAN-2002-1061
• URL: http://online.securityfocus.com/archive/1/284473