ISS Internet Scanner HTTP response buffer overflow

is-http-response-bo (10130) The risk level is classified as MediumMedium Risk

Description:

Internet Security Systems' Internet Scanner is a network security vulnerability assessment product. Vulnerability Assessment products are used to probe networks and networking devices for security vulnerabilities. Internet Scanner version 6.2.1 for Windows NT and Windows 2000 is vulnerable to a buffer overflow, caused by improper parsing of HTTP responses. By configuring a malicious host to return an overly long malformed HTTP response, a remote attacker could overflow a buffer on the Internet Scanner host, which would cause Internet Scanner to crash or allow the attacker to execute arbitrary commands on the server.

Refer to Internet Security System Security Alert, September 18, 2002 for more information. See References.


Consequences:

Gain Access

Remedy:

Install X-Press Update 6.17, available from the Internet Security Systems Download Center. It can also be downloaded and installed using the Internet Scanner X-Press Update Installer. See References.

References:

Platforms Affected:

  • IBM ISS Internet Scanner Software 6.2.1

Reported:

Sep 18, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page