VulDB: RSA Authentication Agent for Web up to 5.3 on IIS HTTP GET Redirect Handler IISWebAgentIF.dll buffer overflow
General
scipID: 1832
Affected: RSA Authentication Agent for Web up to 5.3
Published: 10/21/2005 (H.D. Moore)
Risk: critical
Entry: 91.6% complete
Created: 10/25/2005
Updated: 09/03/2012
Summary
A vulnerability was found in RSA Authentication Agent for Web up to 5.3 and classified as critical. It affects an unknown function in the library IISWebAgentIF.dll of the component HTTP GET Redirect Handler. Manipulation with an unknown input leads to a buffer overflow. Confidentiality, integrity, and availability are impacted.
The weakness was disclosed 10/21/2005 by H.D. Moore with MetaSploit. The advisory is shared for download at metasploit.com. This vulnerability is handled as CVE-2005-4734 since 03/19/2006. The attack may be launched remotely. Technical details as well as an exploit are known.
The exploit is shared for download at metasploit.com.
Applying a patch eliminates this problem. The bugfix is ready for download at knowledge.rsasecurity.com. The vulnerability is also documented in the databases at OSVDB (20151), Secunia (SA17281) and SecurityFocus (BID 26424).
CVSS
Base Score: 4.6 (CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P)
| Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Network | High | Single | Partial | Partial | Partial |
CPE
- cpe:/a:rsa:authentication_agent_for_web:5.3
Exploiting
Class: Buffer overflow
Local: No
Remote: Yes
Availability: Yes
Download: metasploit.com
Countermeasures
Recommended: Firewall
0-Day Time: 0 days since found
Patch: knowledge.rsasecurity.com
Timeline
10/21/2005 | Advisory disclosed
10/21/2005 | OSVDB entry created
10/25/2005 | VulDB entry created
03/19/2006 | CVE assigned
09/03/2012 | VulDB entry updated
Sources
Advisory: metasploit.com
Researcher: H.D. Moore
Company: MetaSploit
OSVDB: 20151
CVE: CVE-2005-4734 (mitre.org) (nist.org) (cvedetails.com)
Secunia: 17281
SecurityFocus: 26424