Buffer overflow in Webfind CGI program in OReilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long keywords parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Website_professional | Oreilly | 2.3.18 (including) | 2.3.18 (including) |
| Website_professional | Oreilly | 2.4 (including) | 2.4 (including) |
| Website_professional | Oreilly | 2.4.9 (including) | 2.4.9 (including) |
References
- http://website.oreilly.com/support/software/wspro25_releasenotes.txt
- http://www.nai.com/research/covert/advisories/043.asp
- http://www.securityfocus.com/bid/1487
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4962
- http://website.oreilly.com/support/software/wspro25_releasenotes.txt
- http://www.nai.com/research/covert/advisories/043.asp
- http://www.securityfocus.com/bid/1487
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4962