OSVDB ID: 79093

Title: RabidHamster R2 Extreme File Command Parsing Remote Overflow

Dates

Disclosure: Feb 10, 2012
Discovery: Unknown
Exploit: Feb 10, 2012
Solution: Unknown

Description

RabidHamster R2 is prone to an overflow condition. The 'file' command fails to properly sanitize user-supplied input, resulting in a stack-based buffer overflow. With a specially crafted request containing an overly long file parameter, a remote attacker can potentially execute arbitrary code.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Vendor: Gordon Williams
Product: RabidHamster R2
Version: 1.65

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/79093