Signature Detail
Short Name |
HTTP:EXPLOIT:WEBSTER-URL-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Webster HTTP Server Long Request Buffer Overflow |
Release Date |
2011/12/07 |
Update Number |
2043 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Webster HTTP Server Long Request Buffer Overflow
This signature detects attempts to exploit a known flaw in the Webster HTTP server. An attacker can send an overlong URL which could result in arbitrary code execution.
Extended Description
A buffer overrun has been discovered in Webster HTTP server when processing malicious URLs. It is possible to trigger this vulnerability by passing an affected server a malconstructed URL of excessive length. Successful exploitation of this issue may allow an attacker to overwrite sensitive locations in memory with malicious values. This may result in the execution of arbitrary code with the privileges of Webster.
Affected Products
- Webster Webster HTTP Server
References
- BugTraq: 6289
- CVE: CVE-2002-2268
- URL: http://www.netdave.com/webster/webster.htm