CVE-2009-4873 – Serv-U Web Client 9.0.0.5 - Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2009-4873

Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie. Desbordamiento de búfer basado en pila en el servidor HTTP en Rhino Software Serv-U Web Client v9.0.0.5 permite a atacantes remotos causar una denegación de servicio (caída de servidor) o ejecutar código de su elección a través de una cookie de sesión larga. • https://www.exploit-db.com/exploits/9966 https://www.exploit-db.com/exploits/9800 http://secunia.com/advisories/37228 http://www.rangos.de/ServU-ADV.txt http://www.securityfocus.com/bid/36895 http://www.vupen.com/english/advisories/2009/3116 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •