|
|
|
|
| |
| The ISS X-Force has discovered buffer overflow vulnerability in the Netscape Enterprise and FastTrack Servers. |
| |
Credit:
Information in this advisory was obtained by the research of Caleb Sima of the ISS X-Force.
|
| |
An attacker can send the web server an overly long HTTP GET request, overflowing a buffer in the Netscape httpd service and overwriting the process's stack. This allows a sophisticated attacker to force the machine to execute arbitrary program code. The ISS X-Force has demonstrated the possibility of using this vulnerability to execute code as SYSTEM on the server, giving an attacker full control of the machine.
Vulnerable systems:
Netscape Enterprise 3.6sp2
Netscape FastTrack 3.0.1 on NT
Admin Server 3.5 on NT
Immune systems:
Netscape FastTrack 3.0.2 on Irix 6.x
Admin Sever 3.5 on Irix 6.x
Netscape Enterprise 3.6sp2 on Irix 6.x
Fix Information:
Apply the Enterprise 3.6 SP 2 SSL Handshake fix, available from Netscape at:
http://www.iplanet.com/downloads/patches/detail_12_86.html.
Exploit
To test yourself for this vulnerability, you can use LWP's "GET":
$ GET -C `perl -e 'print "A"x1025'`:password http://hostname:port
|
|
|
|
|
|
|
|
|
|
