Serv-U File Server HTTP Header Remote Buffer Overflow Vulnerability


Description   A vulnerability has been identified in Serv-U File Server, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error in the HTTP service when processing a request containing an overly long "Session" parameter within the "Cookie:" HTTP header, which could allow remote attackers to crash an affected server or execute arbitrary code by sending a specially crafted HTTP request to a vulnerable server.
     
Vulnerable Products   Vulnerable Software:
Serv-U File Server version 9.0.0.5 and prior
     
Solution   Upgrade to Serv-U version 9.1.0.0.
     
CVE   CVE-2009-4873
     
References   http://www.rangos.de/ServU-ADV.txt
     
Vulnerability Manager Detection   Yes (since ASQ v3.5.0)
     
IPS Protection  
ASQ Engine alarm Available Since
Possible buffer overflow on URL
3.2.0
Possible buffer overflow in HTTP request/reply
3.2.0
     


 
 
 
 
 Risk level 
Critical 

 Vulnerability First Public Report Date 
2009-11-02 

 Target Type 
Server 

 Possible exploit 
Local & Remote