GEN:SID | 1:2320 |
Message | EXPLOIT ebola USER overflow attempt |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in Ebola from PLD Software.
|
Impact | Serious. Execution of arbitrary code may be possible.
|
Detailed Information | Ebola from PLD Software is used to improve the performance of Anti-Virus solutions on Linux systems.
A buffer overflow condition is present in the authentication mechanism such that it may be triggered by the generation of an error message from an unsuccessful authentication attempt.
|
Affected Systems | All versions of Ebola prior to 0.1.5
|
Attack Scenarios | An attacker can send specially crafted authentication attempts to the Ebola system and cause the buffer overflow thus presenting the opportunity to execute arbitrary code.
|
Ease of Attack | Simple. Expoits exist.
|
Corrective Action | Upgrade to the latest non-affected version of the software.
|
Additional References | |
Rule References | bugtraq: 9156
|