Moby NetSuite 1.0/1.2 - POST Handler Buffer Overflow

EDB-ID:

22053




Platform:

Multiple

Date:

2002-11-29


source: https://www.securityfocus.com/bid/6277/info

A buffer overflow vulnerability has been reported for Moby NetSuite that may result in a denial of service condition. Reportedly, it is possible to cause NetSuite to crash when a malformed POST request is received. 

An attacker can exploit this vulnerability by issuing a malformed POST request. When NetSuite attempts to service the malformed POST request, it will crash resulting in a denial of service. Restarting the service is neccessary to restore functionality.

POST /cgi-bin/test.cgi HTTP/1.0
Content-Length: 111111111111111111111111111