ViRobot Server web interface addschup buffer overflow

Added: 07/28/2006
CVE: CVE-2005-2041
BID: 13964
OSVDB: 17320

Background

ViRobot Linux Server includes a web-based control interface.

Problem

A buffer overflow in the addschup CGI program included in the ViRobot Linux Server allows remote attackers to write arbitrary commands into the root crontab file, leading to complete control over the server.

Resolution

Apply the patch.

References

http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0188.html

Platforms

Linux

Back to exploit index