O'Reilly WebSite GET Buffer Overflow Vulnerability

There is a buffer overflow in O'Reilly WebSite Web Server versions prior to (not including) 2.5. This can exploited by submitting a long GET request or "Referrer" client header. It is possible to overwrite the return address and thereby execute code.


 

Privacy Statement
Copyright 2010, SecurityFocus