ValiCert Enterprise Validation Authority Private Key Generation Buffer Overflow Vulnerability

ValiCert Enterprise Validation Authority includes an Administration Server, which can be accessed through a web interface. CGI functionality is provided by the script forms.exe. This script is available on port 13333 in the default installation.

One of the functions provided by this script is the ability to generate a new private key for SSL communications or for signing OCSP responses. To generate a new key, several variables must be passed to the script. A long string in any of the variables other than country_name, gen_self_signed_cert, command, or keytype will overflow the buffer. This could overwrite the stack, and possibly lead to execution of arbitrary code.


Privacy Statement
Copyright 2010, SecurityFocus