 |
|
|
|
| Vulnerability details : |
| |
 |
|
ADA Image Server Request Overflow |
|
|
Fiche créée le 2004-04-05 16:29:23, dernière mise à jour le 2008-03-02 23:47:31
A remote overflow exists in ADA Image Server 0.4. With a specially crafted request, an attacker can cause an overflow that could allow arbitrary code execution resulting in a loss of integrity and availability.
By sending a GET request followed by 2,112 characters, an attacker can cause the web server to crash. By further modifying the request, it may be possible to execute arbitrary code with the same privileges as the web server.
telnet [victim] 80
GET /[2112 chars] http/1.0
|
| |
| ADA 0.4 Affected | | | Attack Type : Input Manipulation
XSS, SQL injection, file retrieval, directory traversal, overflows, URL encoding. | Découvert le 2004-04-05 16:29:06
| | Disclosure : OSVDB Verified | Confirmé le 2004-04-05 16:29:06
| | Exploit : Exploit Public | Exploit découvert le 2004-04-05 07:00:00
| Impact : Loss of Integrity
Assurance that data is unaltered by unauthorized persons.
Examples: XSS, arbitrary command execution, most overflows, most format strings, SQL injection, unauthorized file modification/deletion/creation, remote file inclusion, etc. | | | Impact : Loss of Availability
Assurance of timely and reliable access to data.
Examples: any DoS attack of any kind, unauthorized file deletion, etc. anything that can cause the availability of a service or information to be impacted. | | | Location : Remote / Network Access
If network access if required and exploit can be done remotely. | | |
| |
| External refs : |
| OSVDB 4945 | | | | | | | | | | | | | | | | |
| |
| |
| |
| |
|
|
|
|
| Free consultation (search) |
|
|
|
|
|
| |
|
|
|
