J-Security Center

Title: Inktomi Traffic Server Traffic_Manager Path Argument Buffer Overflow Vulnerability

Severity: HIGH

Description:

Inktomi Traffic Server is a transparent web caching application. It is designed for use with Unix and Linux variants as well as Microsoft Windows operating environments.

A buffer overflow vulnerability has been reported for Inktomi Traffic Server. The vulnerability occurs in the traffic_manager binary included with Inktomi Traffic Server.

The traffic_manager utility is used to manage Inktomi Traffic Server and it is installed as a setuid root executable in the <install path>/bin directory.

Reportedly, executing traffic_manager with an excessively long path command-line argument will cause a buffer overflow condition. As traffic_manager is a setuid root executable, it is possible for a local attacker to obtain administrative access on the vulnerable system.

Executing traffic_manager with an argument of more than 1700 bytes to the '-path' command-line option will trigger the buffer overflow.

This vulnerability has been tested on a Solaris platform and affects all Unix and Linux variants.
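The defect class described above is an unbounded copy of a command-line argument into a fixed-size buffer. The following is an added, self-contained illustration written for this page; it is not Inktomi's code and does not reproduce the traffic_manager source, which the advisory does not show. The buffer size PATH_BUF_SIZE, the function names and the option-scanning logic are assumptions chosen to show the unsafe pattern next to a hardened form that rejects oversized `-path` values instead of overflowing.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical destination size; not taken from the advisory or the product. */
#define PATH_BUF_SIZE 1024

/* Illustrative unsafe pattern (not the product's code): an unbounded copy of
 * a command-line argument into a fixed-size stack buffer. Any argument longer
 * than PATH_BUF_SIZE-1 bytes overwrites adjacent stack data, which is the
 * class of defect the advisory describes. Shown for contrast; never called. */
void copy_path_unsafe(const char *arg)
{
    char path[PATH_BUF_SIZE];
    strcpy(path, arg);          /* no length check at all */
    (void)path;
}

/* Hardened form: measure the argument without scanning past dstlen and refuse
 * anything that would not fit together with its terminating NUL.
 * Returns 0 on success, -1 if arg is NULL, empty, or too long. */
int copy_path_checked(const char *arg, char *dst, size_t dstlen)
{
    if (arg == NULL || dst == NULL || dstlen == 0)
        return -1;
    size_t n = 0;
    while (n < dstlen && arg[n] != '\0')   /* bounded length scan */
        n++;
    if (n == 0 || n >= dstlen)
        return -1;                         /* reject rather than silently truncate */
    memcpy(dst, arg, n + 1);               /* n+1 copies the NUL as well */
    return 0;
}

/* Scan argv for "-path <value>" and store the value in dst.
 * Returns 0 if found and valid, 1 if the option is absent, -1 if it is
 * present but has no value or the value is rejected by copy_path_checked. */
int parse_path_option(int argc, char *argv[], char *dst, size_t dstlen)
{
    for (int i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-path") == 0) {
            if (i + 1 >= argc)
                return -1;                 /* "-path" given without a value */
            return copy_path_checked(argv[i + 1], dst, dstlen);
        }
    }
    return 1;
}

int main(int argc, char *argv[])
{
    char path[PATH_BUF_SIZE];
    int rc = parse_path_option(argc, argv, path, sizeof path);
    if (rc == 0)
        printf("path: %s\n", path);
    else if (rc == 1)
        printf("no -path option given\n");
    else
        fprintf(stderr, "invalid or oversized -path argument rejected\n");
    return rc == -1 ? 2 : 0;
}
```

The important design choice is that the hardened copy fails closed: an argument that does not fit is refused with an error code rather than truncated, so a setuid program built this way neither overflows nor proceeds with a silently shortened path. Until a vendor fix is applied, the same class of issue is also reduced by removing the setuid bit from the binary where the deployment allows it.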

Affected Products:

  • Inktomi Media-IXT 3.0.4
  • Inktomi Traffic Edge 1.1.2
  • Inktomi Traffic Edge 1.5.0.0
  • Inktomi Traffic Server 4.0.18
  • Inktomi Traffic Server 4.0.20
  • Inktomi Traffic Server 5.1.3
  • Inktomi Traffic Server 5.2.0.0-R
  • Inktomi Traffic Server 5.2.1
  • Inktomi Traffic Server 5.2.2

References: