• IDP Daily Update #1246
  posted: 08/19/08
  
• NSM Daily Update #1246
  posted: 08/19/08
  
• Deep Inspection 5.3r5 and above, 5.4, 6.0 #1246
  posted: 08/19/08
  
• Deep Inspection 5.1, 5.2, 5.3r4 and below #1227
  posted: 08/19/08
  
• Deep Inspection 5.0 #1132
  posted: 04/01/08
  
• Antivirus
  posted: 08/18/08

Text Size:        

• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Inktomi Traffic Server Traffic_Manager Path Argument Buffer Overflow Vulnerability

Severity: HIGH

Description:

Inktomi Traffic Server is a transparent web caching application. It is designed for use with Unix and Linux variants as well as Microsoft Windows operating environments.

A buffer overflow vulnerability has been reported for Inktomi Traffic Server. The vulnerability occurs in the traffic_manager binary included with Inktomi Traffic Server.

The traffic_manager utility is used to manage Inktomi Traffic Server and it is installed as a setuid root executable in the <install path>/bin directory.

Reportedly, executing traffic_manager with an excessively long path commandline argument will cause a buffer overflow condition. As traffic_manager is a setuid root executable, it is possible for a local attacker to obtain administrative access on the vulnerable system.

Executing traffic_manager with an argument composed of greater than 1700 bytes to the '-path' commandline option will trigger the buffer overflow.

This vulnerability has been tested on a Solaris platform and affects all Unix and Linux variants.

Affected Products:

• Inktomi Media-IXT 3.0.4
• Inktomi Traffic Edge 1.1.2
• Inktomi Traffic Edge 1.5.0.0
• Inktomi Traffic Server 4.0.18
• Inktomi Traffic Server 4.0.20
• Inktomi Traffic Server 5.1.3
• Inktomi Traffic Server 5.2.0.0-R
• Inktomi Traffic Server 5.2.1
• Inktomi Traffic Server 5.2.2

References:

• Inktomi: Local root vulnerability in traffic_manager command
• Inktomi: Inktomi Homepage