Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:3133 |
Message | WEB-CLIENT PNG large image height download attempt |
Summary | This event is generated when an attempt is made to exploit a buffer overflow associated with the processing of a Portable Network Graphics (PNG) file by the GD Graphics Library. |
Impact | A successful attack may cause a denial of service or a buffer overflow and the subsequent execution of arbitrary code on a vulnerable server. |
Detailed Information | A vulnerability exists in the way that software that handles PNG files, libpng, allocates memory for PNG images. A maliciously formatted PNG image sent to a vulnerable server may cause a buffer overflow and the subsequent execution of arbitrary code on a vulnerable server. A PNG file with an excessively large image height, width, or depth, or combination of these can cause a buffer overflow. |
Affected Systems | GD Graphics Library 2.0.28 and earlier |
Attack Scenarios | An attacker can create a malformed PNG file and upload it to a web server, possibly causing a buffer overflow. |
Ease of Attack | Simple. |
Corrective Action | Upgrade to the latest non-affected version of the software. Apply the appropriate vendor supplied patches. |
Additional References | |
Rule References | bugtraq: 11481 bugtraq: 11523 cve: 2004-0599 cve: 2004-0990 cve: 2004-1244 url: www.microsoft.com/technet/security/bulletin/MS05-009.mspx |
--
DID:810737
--
http://www.aanval.com/