VID |
210151 |
Severity |
40 |
Port |
80, ... |
Protocol |
TCP |
Class |
CGI |
Detailed Description |
The web server on the host system is vulnerable to a buffer overflow attack. Buffer overflows can be triggered by inputs that are designed to execute code or to alter the way the program operates. This may result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security. Buffer overflows are therefore the basis of many software vulnerabilities and can be maliciously exploited.
* References: http://en.wikipedia.org/wiki/Buffer_overflow
* Platforms Affected: Any HTTP server, any version; any operating system, any version |
Recommendation |
Take the following steps: 1. Keep the web server's products at safe versions. 2. Check whether the length of input values that are passed into the web application is acceptable. 3. Check whether the value that is used to allocate memory dynamically is a negative number. |