PT-2007-3099 · Intervations · Intervations Navicopa Http Server

Published

2007-03-28

Updated

2018-10-16

CVE-2007-1733

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: InterVations NaviCOPA HTTP Server version 2.01

Description: A buffer overflow issue exists, allowing remote attackers to execute arbitrary code via a long pathname in an HTTP GET request, specifically targeting the /cgi-bin/ or /cgi/ API endpoints.

Recommendations: For InterVations NaviCOPA HTTP Server version 2.01, consider restricting access to the /cgi-bin/ and /cgi/ API endpoints until a fix is available. As a temporary workaround, limit the length of pathnames in HTTP GET requests to prevent exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-1733

Affected Products

Intervations Navicopa Http Server

PT-2007-3099 · Intervations · Intervations Navicopa Http Server

CVE-2007-1733

Related Identifiers

Affected Products

References · 11