Category: Remote System Buffer Overrun
Date: 29th May 2002
Advisory URL: http://www.ngssoftware.com/advisories/jrun.txt
Severity: High Risk
Macromedia's JRun, previously owned by Allaire, is a J2EE Server designed to
run on web servers to deliver java based online applications. The Win32
version 3.1 contains a remotely exploitable buffer overrun vulnerability
that allows an attacker to gain complete control of the server in question.
A check for this issue has been added to Typhon II, NGSSoftware's
vulnerability assessment scanner, of which more information is available
from the NGSSite : http://www.ngssoftware.com/.
For further information about the scope and effects of buffer overflows,
please see
http://www.ngssoftware.com/papers/ntbufferoverflow.html
http://www.ngssoftware.com/papers/bu...rflowpaper.rtf
http://www.ngssoftware.com/papers/unicodebo.pdf
http://www.ngssoftware.com/papers/no...bo-windows.pdf
Source
Reply With Quote