PT-2005-2983 · Hauri · Hauri Virobot
Kevin Finisterre
·
Published
2005-06-15
·
Updated
2017-07-11
·
CVE-2005-2041
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
HAURI ViRobot version 2.0
Description
The issue is related to a buffer overflow in the addschup component. This can be exploited by remote attackers to execute arbitrary code by sending a long
ViRobot ID cookie in the HTTP COOKIE header.Recommendations
For HAURI ViRobot version 2.0, consider restricting access to the addschup component until a patch is available. As a temporary workaround, limit the length of the
ViRobot ID cookie to prevent buffer overflow exploitation.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hauri Virobot