Info

Disclosure

May 06, 2005

Discovery

Mar 31, 2005

Dates

Exploit

May 06, 2005

Solution

Unknown

Description

A remote overflow exists in 4D WebSTAR. The Tomcat plugin fails to validate URLs resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution or denial of service resulting in a loss of integrity, and/or availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Public

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

4d, Inc.	WebSTAR	5.33
		5.4

References

Bugtraq ID: 13538
Secunia Advisory ID: 15278
CVE ID: 2005-1507 (see also: NVD)
ISS X-Force ID: 20478
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-05/0086.html
http://marc.theaimsgroup.com/?l=bugtraq&m=111541709402784&w=2
Vendor URL: http://www.4d.com/

Credit

Braden Thomas - bjthomasusc.edu -

Direct URL: http://osvdb.org/16154

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

4d, Inc.

WebSTAR

References

Credit