Launchpad.net

CVE 2009-2281

Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via (1) a crafted Content-Length HTTP header or (2) a large HTTP request, related to an integer overflow that triggers a heap-based buffer overflow. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-0840.

Related bugs and status

CVE-2009-2281 (Candidate) is related to these bugs:

Bug #398814: security: anyone can make mapserv read or write arbitrary files

		In	Importance	Status
398814	security: anyone can make mapserv read or write arbitrary files	mapserver (Ubuntu)	Undecided	Fix Released
398814	security: anyone can make mapserv read or write arbitrary files	mapserver (Ubuntu Dapper)	Undecided	Won't Fix
398814	security: anyone can make mapserv read or write arbitrary files	mapserver (Ubuntu Hardy)	Undecided	Fix Released
398814	security: anyone can make mapserv read or write arbitrary files	mapserver (Ubuntu Intrepid)	Undecided	Fix Released
398814	security: anyone can make mapserv read or write arbitrary files	mapserver (Ubuntu Jaunty)	Undecided	Fix Released
398814	security: anyone can make mapserv read or write arbitrary files	mapserver (Ubuntu Karmic)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-2281

Related bugs and status

Related bugs

References