HTTP: Red Hat Directory Server Accept-Language HTTP Header Parsing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Red Hat Directory Server. It is due to improper data validation in the Administrator Web Interface component. A remote attacker can trigger this by sending crafted HTTP request to the affected service, potentially injecting and executing arbitrary code with root level privileges. In a successful sophisticated code injection attack, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the affected service. In an attack case where code injection is not successful, the affected CGI application terminates abnormally.
Extended Description
Red Hat Directory Server is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. NOTE: The Administration Server of Directory Server usually runs with superuser privileges. The following are affected: - Red Hat Directory Server 7.1 - Versions prior to 'adminutil' 1.1.7
Affected Products
Red_hat directory_server
Short Name
HTTP:LINUX:REDHAT-ACCEPT-LANG
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Accept-Language Buffer CVE-2008-2928 Directory HTTP Hat Header Overflow Parsing Red Server bid:30869
Release Date
10/11/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Hp
CVSS Score
10.0