J-Security Center


Title: Phusion Webserver Long URL Buffer Overflow Vulnerability

Severity: CRITICAL

Description:

Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems.

Phusion Webserver does not perform sufficient bounds checking on externally supplied data in HTTP GET requests. As a result, a remote attacker can submit an excessively long request that overwrites stack variables, including the saved return address. If the overwritten data consists of attacker-supplied instructions, arbitrary code execution is possible.

As webservers normally run with SYSTEM privileges on Microsoft Windows operating systems, this may result in a full compromise of a host running the vulnerable software.

It should be noted that this unchecked buffer may also be exploited to cause a denial of service condition.
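The bounds check the advisory describes as missing, written as an added example in C; this is not code from Phusion Webserver or Juniper, and URI_MAX is a constructed limit chosen for the example:

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define URI_MAX 256   /* constructed limit for this example, not from the advisory */

enum parse_status { PARSE_OK = 0, PARSE_MALFORMED = 1, PARSE_URI_TOO_LONG = 2 };

/* Copy the request-target of a request line ("GET /path HTTP/1.0\r\n") into
 * uri_out, whose capacity is uri_cap bytes. The defect the advisory describes
 * is an unchecked copy of the attacker-controlled target into a fixed stack
 * buffer; the fix is to measure the token before any byte is copied and to
 * reject anything that would not fit, rather than letting it run past the end. */
enum parse_status parse_request_target(const char *line, char *uri_out, size_t uri_cap)
{
    const char *start = strchr(line, ' ');    /* SP after the method */
    const char *end;
    size_t len;

    if (start == NULL)
        return PARSE_MALFORMED;
    start++;
    end = strchr(start, ' ');                 /* SP before the HTTP-version */
    if (end == NULL || end == start)
        return PARSE_MALFORMED;
    len = (size_t)(end - start);
    if (len >= uri_cap)                       /* keep one byte for the NUL */
        return PARSE_URI_TOO_LONG;
    memcpy(uri_out, start, len);
    uri_out[len] = '\0';
    return PARSE_OK;
}

/* Parse a request line into a fixed URI_MAX stack buffer and report the status. */
enum parse_status status_of(const char *line)
{
    char uri[URI_MAX];
    return parse_request_target(line, uri, sizeof uri);
}

/* Build a constructed "GET /aaa... HTTP/1.0" line whose target is exactly
 * uri_len bytes and parse it, to show where the bound takes effect. */
enum parse_status status_of_uri_length(size_t uri_len)
{
    char line[URI_MAX * 4];
    size_t i;
    if (uri_len == 0 || uri_len + 32 > sizeof line)
        return PARSE_URI_TOO_LONG;            /* beyond what this demo builds */
    memcpy(line, "GET /", 5);
    for (i = 1; i < uri_len; i++)
        line[4 + i] = 'a';
    memcpy(line + 4 + uri_len, " HTTP/1.0\r\n", 12);   /* 11 chars plus NUL */
    return status_of(line);
}
```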

Affected Products:

  • BBShareware.Com Phusion Webserver 1.0.0

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.