Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:OVERFLOW:NULLHTTPD-ROOT-OF

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 bakkum http overflow

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Null httpd Remote Root Buffer Overflow


This signature detects attempts to exploit a known vulnerability against Null HTTPD. Attackers can remotely send shellcode in a maliciously crafted POST command to gain local access.

Extended Description

A heap corruption vulnerability has been discovered in Null httpd. By passing a small content length value to the server and triggering the server to make a second recv() of POST data, it is possible to overrun a buffer. An attacker may exploit this condition to overwrite arbitrary words in memory through the free() function. This may allow for the execution of arbitrary code. It should be noted that this vulnerability is similar to the issue described in BID 5774, but requires a slightly different method to trigger.

Affected Products

  • NullLogic Null HTTPd 0.5.0
  • NullLogic Null HTTPd 0.5.1

References

  • BugTraq: 6255
  • URL: http://www.juniper.net/security/auto/vulnerabilities/vuln192.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out