Signature Detail
Short Name |
HTTP:STC:DL:INTELLITAMPER-CAT |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
IntelliTamper Catalog File Buffer Overflow |
Release Date |
2012/12/10 |
Update Number |
2209 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: IntelliTamper Catalog File Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the IntelliTamper. A successful attack can lead to a buffer overflow and arbitrary remote code execution.
Extended Description
IntelliTamper is prone to a buffer-overflow vulnerability because the application fails to properly validate the size of user-supplied data before copying it into a fixed-sized buffer. This issue allows remote attackers to execute arbitrary machine code in the context of applications that use IntelliTamper. Failed exploit attempts will likely crash the application, denying service to legitimate users. IntelliTamper 2.07 and 2.08 are vulnerable; other versions may also be affected.
Affected Products
- IntelliTamper 2.07
- IntelliTamper 2.08
References
- BugTraq: 33179