Info

Disclosure

Apr 26, 2005

Discovery

Unknown

Dates

Exploit

Apr 26, 2005

Solution

Unknown

Description

A remote overflow exists in Pound. The add_port() function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a remote attacker can crash the application resulting in a loss of availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Upgrade to version 1.8.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Apsis GmbH

Pound

1.8.2

References

Security Tracker: 1013824
Bugtraq ID: 13436
Secunia Advisory ID: 15142 15202 15679
CVE ID: 2005-1391 (see also: NVD)
ISS X-Force ID: 20316
Other Advisory URL: http://lists.suse.com/archive/suse-security-announce/2005-Jun/0004.html
http://security.gentoo.org/glsa/glsa-200504-29.xml
Vendor URL: http://www.apsis.ch/pound/
Vendor Specific Advisory URL: http://www.apsis.ch/pound/pound_list/archive/2005/2005-04/1114516112000

Credit

Steven Van Acker - deepstarulyssis.org -

Direct URL: http://osvdb.org/15963