Protection against Macromedia JRun 4 Web Server Buffer Overflow Vulnerability
Category: Remote Code Execution
Vulnerable Systems: Macromedia JRun 4.0 prior to Updater 5
Source: iDEFENSE ADVISORY: 12.21.05
A vulnerability exists in the Macromedia JRun Web server component. Remote exploitation of the vulnerability may allow attackers to execute arbitrary code or cause a denial of service condition. For the attack to be successful, the JRun Web server component must be active.
Details: The vulnerability exists within the JRun 4 Web server, specifically in the handling of long request strings. By supplying a long URL (approximately 64k), a remote attacker can create a stack-based overflow, potentially allowing the execution of arbitrary code.
Attack Detection: Users of VPN-1 NG with Application Intelligence R54, R55 and R55W and users of VPN-1 NGX R60 should update their SmartDefense by clicking Online Update in the SmartDashboard General window.
Attack Name: HTTP Worm Catcher
Attack Information: Macromedia JRun 4 Buffer Overflow
Users of VPN-1 NG with Application Intelligence R55 & R55W and users of VPN-1 NGX R60 should update their SmartDefense by clicking Online Update (R55 - Update now) in the SmartDashboard General window.
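A log-side check for the oversized request described under Details, as an added example that is not part of the original advisory or of any Check Point or Macromedia tooling. It assumes access logs in Common Log Format and an alert threshold of 8192 characters; `find_oversized_requests`, `extract_uri`, `MAX_URI_LEN` and the sample lines are constructed for illustration.

```python
import re

# Assumption: Common Log Format; the JRun server's own log layout may differ.
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>.*)" (?P<status>\d{3}) \S+\s*$'
)
# Assumed threshold, far below the ~64k URL length named in the advisory, so
# shorter oversized requests are reported too.
MAX_URI_LEN = 8192


def extract_uri(request):
    """Return the URI from a request line, tolerating a missing HTTP version."""
    parts = request.split(" ")
    if len(parts) >= 3 and parts[-1].startswith("HTTP/"):
        return " ".join(parts[1:-1])
    return " ".join(parts[1:]) if len(parts) >= 2 else request


def find_oversized_requests(lines, max_uri_len=MAX_URI_LEN):
    """Return one finding per log line whose request URI exceeds max_uri_len."""
    findings = []
    for lineno, raw in enumerate(lines, 1):
        line = raw.rstrip("\r\n")
        match = CLF.match(line)
        if match is None:
            # A truncated or malformed entry cannot be parsed; report it only
            # when the line itself is oversized.
            if len(line) > max_uri_len:
                findings.append({"line": lineno, "host": None,
                                 "uri_len": len(line), "parsed": False})
            continue
        uri = extract_uri(match.group("request"))
        if len(uri) > max_uri_len:
            findings.append({"line": lineno, "host": match.group("host"),
                             "uri_len": len(uri), "parsed": True})
    return findings


# Constructed sample log lines (documentation addresses, filler characters).
SAMPLE_LOG = [
    '192.0.2.10 - - [21/Dec/2005:10:00:00 +0000] "GET /index.jsp HTTP/1.0" 200 1043',
    '192.0.2.66 - - [21/Dec/2005:10:00:05 +0000] "GET /' + "x" * 65000 + ' HTTP/1.0" 500 0',
    '192.0.2.67 - - [21/Dec/2005:10:00:09 +0000] "GET /' + "x" * 9000,
]

if __name__ == "__main__":
    for finding in find_oversized_requests(SAMPLE_LOG):
        print(finding)
```

A server that fails while handling the request may never write the log entry, so an empty result does not rule out an attempt; gateway-side inspection such as the SmartDefense update above covers that case.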
Users of R54, R55:
This update also includes: