Lucene search

SAINT CorporationSAINT:CC49AB80F698273CCAEF529DE87CBB05

HistoryJul 28, 2006 - 12:00 a.m.

ViRobot Server web interface addschup buffer overflow

2006-07-2800:00:00

SAINT Corporation

my.saintcorporation.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.12

Percentile

95.4%

JSON

Added: 07/28/2006
CVE: CVE-2005-2041
BID: 13964
OSVDB: 17320

Background

ViRobot Linux Server includes a web-based control interface.

Problem

A buffer overflow in the **addschup** CGI program included in the ViRobot Linux Server allows remote attackers to write arbitrary commands into the root crontab file, leading to complete control over the server.

Resolution

Apply the patch.

References

<http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0188.html>

Platforms

Linux

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.12

Percentile

95.4%

JSON

Related for SAINT:CC49AB80F698273CCAEF529DE87CBB05