| VID |
22220 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The WebSite Pro, according to its version number, has various buffer overflow vulnerabilities.
There are buffer overflow vulnerabilities in all releases prior to version 2.5 of WebSite Pro server. By exploiting these vulnerabilities, a remote attacker can overflow a buffer and execute arbitrary code on the system.
* References:
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=5946
* Platforms Affected:
OReilly Software WebSite Professional 2.4.9 and earlier
Microsoft Windows Any version |
| Recommendation |
O'Reilly will no longer sell or support WebSite Professional. WebSite has been continued development of the product, now named VisNetic WebSite.
Use another Web Server or the latest version of VisNetic WebSite (3.5.19 or later), available from VisNetic Software Web site at http://www.deerfield.com/products/visnetic_website/ |
| Related URL |
CVE-2000-0623 (CVE) |
| Related URL |
1492 (SecurityFocus) |
| Related URL |
4970 (ISS) |
|
