Signature Detail
Short Name |
HTTP:OVERFLOW:D-LINK-HNAP-BO |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
D-Link HNAP Request Stack Buffer Overflow |
Release Date |
2014/07/30 |
Update Number |
2404 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vsrx-12.1+ |
HTTP: D-Link HNAP Request Stack Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the D-LINK HNAP request. A successful attack can lead to a buffer overflow and arbitrary remote code execution.
Extended Description
Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi in D-Link DSP-W215 (Rev. A1) with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in a GetDeviceSettings action in an HNAP request.
Affected Products
- d-link dir-505l_shareport_mobile_companion a1
- d-link dir505l_shareport_mobile_companion_firmware 1.01
- d-link dir505_shareport_mobile_companion a1
- d-link dir505_shareport_mobile_companion_firmware 1.07
- d-link dsp-w215 a1
- d-link dsp-w215_firmware 1.01
References
- BugTraq: 67651
- CVE: CVE-2014-3936