Macromedia JRun 4 is an application server used for developing and deploying Java applications. JRun 4 provides the speed and reliability required to deploy and manage your standards-based Internet applications.
Remote exploitation of a buffer overflow vulnerability in Macromedia's JRun 4 mod_jrun Apache module could allow execution of arbitrary code.
The problem exists in the WriteToLog function of mod_jrun and mod_jrun20, where a fixed size buffer is allocated on the stack.
No bounds checking is performed on the input. When the Verbose logging option is set, this function may be called with user-supplied data. If this data is longer than the space which has been allocated, a buffer overflow may occur. Specially formed input may allow execution of arbitrary commands.
Impact
Successful exploitation allows execution of arbitrary code with the permissions of the user of the httpd process, typically 'nobody' or 'apache'. Note, As the Verbose option is not set by default, most installs will not be vulnerable. An overly long Content-Type field, among other header fields, can be used to trigger this buffer overflow.
Workaround
Setting the Verbose option to "false" in the httpd.conf will prevent this vulnerability from being exploitable. After editing the httpd.conf, restart the httpd. This will reduce the amount of data logged by the server, but will prevent exploitation of this vulnerability.
