From security@RELAYGROUP.COM Thu Jan 25 08:58:15 2001 From: Security Research Team To: BUGTRAQ@SECURITYFOCUS.COM Date: Thu, 25 Jan 2001 20:20:10 +0700 Subject: [BUGTRAQ] [SAFER] Security Bulletin 010125.EXP.1.12 __________________________________________________________ S.A.F.E.R. Security Bulletin 010125.EXP.1.12 __________________________________________________________ TITLE : PlanetIntra - Buffer Overflow DATE : January 25, 2001 NATURE : Remote execution of code AFFECTED : PlanetIntra v2.5 software PROBLEM: A buffer overflow exists in PlanetIntra software that allows remote execution of code. DETAILS: A buffer overflow (at least one, possibly more) exists in 'pi' binary which allows remote user to execute commands on the target system. For example, request like: GET /cgi-bin/pi?page=document/show_file&id= will trigger the overflow. EXPLOIT: Exploit will be released in 2 weeks (this is subject to change). FIXES: We are aware that patch for this issue has been made, but we have never received official response/confirmation, and we are not aware if the current version available for download ( http://www.planetintra.com ) is vulnerable to this problem. CREDITS: Fyodor Yarochkin This advisory is also available at http://www.safermag.com/advisories/ __________________________________________________________ S.A.F.E.R. - Security Alert For Enterprise Resources Copyright (c) 2001 The Relay Group http://www.safermag.com ---- security@relaygroup.com __________________________________________________________