Title: Improved mod_frontpage Buffer Overflow Vulnerability
Severity: CRITICAL
Description:
Improved mod_frontpage is a module for the Apache webserver that allows for enhanced webserver interaction with the Frontpage client.
Improved mod_frontpage is susceptible to a buffer overflow condition that may allow for remote attackers to compromise the webserver. The bug is reportedly present in the fp_exec.c component and is due to insufficient bounds checking on memory-copy operations.
The vulnerable component is reportedly installed setuid root. Consequently, an attacker who successfully exploits this vulnerability may gain complete control over the host.
Affected Products:
- Christof Pohl Improved mod_frontpage 1.3.1
- Christof Pohl Improved mod_frontpage 1.3.2
- Christof Pohl Improved mod_frontpage 1.4.1
- Christof Pohl Improved mod_frontpage 1.5.0
- Christof Pohl Improved mod_frontpage 1.5.1
- MandrakeSoft Linux Mandrake 8.0.0
- MandrakeSoft Linux Mandrake 8.0.0 ppc
- MandrakeSoft Linux Mandrake 8.1.0
- MandrakeSoft Linux Mandrake 8.1.0 ia64
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
