VULHUB ™

It has been reported that the WebC.cgi application is prone to a buffer overflow condition that may be triggered under specific configurations. If debugging is enabled, when the User ID is changed during runtime, the WebC.cgi application will parse the environment and save the contents to a locally stored file. If a malicious environment variable of excessive length is parsed by the vulnerable WebC.cgi application the bounds of a local buffer may be overflowed and adjacent memory corrupted by attacker supplied values. Although unconfirmed code execution may be possible.

It has been reported that the WebC.cgi application is prone to a buffer overflow condition that may be triggered under specific configurations. If debugging is enabled, when the User ID is changed during runtime, the WebC.cgi application will parse the environment and save the contents to a locally stored file. If a malicious environment variable of excessive length is parsed by the vulnerable WebC.cgi application the bounds of a local buffer may be overflowed and adjacent memory corrupted by attacker supplied values. Although unconfirmed code execution may be possible.