Vulnerability Note VU#251276
Rejetto HTTP File Server (HFS) search feature fails to handle null bytes
Rejetto HTTP File Server (HFS) search feature in versions 2.3, 2.3a, and 2.3b fails to handle null bytes.
CWE-158: Improper Neutralization of Null Byte or NUL Character - CVE-2014-6287
Rejetto HFS versions 2.3, 2.3a, and 2.3b are vulnerable to remote command execution due to a regular expression in parserLib.pas that fails to handle null bytes. Commands that follow a null byte in the search string are executed on the host system. As an example, the following search submitted to a vulnerable HFS instance launches calculator on the host Microsoft Windows system:
A remote, unauthenticated user may be able to run arbitrary operating system commands on the server.
Apply an update
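The note attributes the problem to search input containing a NUL byte reaching a regular expression that does not handle it. The following is an added example, not code from the CERT note or from Rejetto's HFS: a defender-side check that percent-decodes request targets from web-server log lines and flags any whose path or query carries a NUL byte after decoding, plus an input validator a file server could apply to search strings before they reach regex or macro processing. The Common Log Format layout, the parameter name `search`, and every log line are constructed for illustration and are not taken from the advisory.

```python
"""Added example for VU#251276 (not the advisory's or Rejetto's code).

Detects NUL bytes in request targets from constructed log lines and shows a
validator that rejects such input. Assumptions: Common Log Format and a query
parameter named `search` (both constructed for this example).
"""
import re
from urllib.parse import urlsplit, unquote_to_bytes

# Constructed sample log lines in Common Log Format; none is a real capture.
SAMPLE_LOGS = [
    '10.0.0.5 - - [06/Oct/2014:12:00:01 +0000] "GET /?search=report HTTP/1.1" 200 512',
    '10.0.0.6 - - [06/Oct/2014:12:00:02 +0000] "GET /?search=q%00trailing HTTP/1.1" 200 512',
    '10.0.0.7 - - [06/Oct/2014:12:00:03 +0000] "GET /files/%00 HTTP/1.1" 404 0',
    # %2500 decodes once to the literal text "%00", not to a NUL byte.
    '10.0.0.8 - - [06/Oct/2014:12:00:04 +0000] "GET /?search=%2500 HTTP/1.1" 200 512',
]

CLF_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def contains_nul(raw: str) -> bool:
    """True if percent-decoding `raw` exactly once yields a NUL byte.

    Decoding once mirrors what a server does with the request line; a second
    decode would turn %2500 into a NUL and produce a false positive here.
    """
    return b"\x00" in unquote_to_bytes(raw)


def inspect_target(target: str) -> list:
    """Return the locations (path, query:<name>) where a NUL byte appears."""
    parts = urlsplit(target)
    where = []
    if contains_nul(parts.path):
        where.append("path")
    if parts.query:
        # Check each key/value pair separately so the report names the parameter.
        for pair in parts.query.split("&"):
            key, _, value = pair.partition("=")
            if contains_nul(key) or contains_nul(value):
                where.append(f"query:{unquote_to_bytes(key).decode('ascii', 'replace')}")
    return where


def scan_logs(lines) -> list:
    """Parse CLF lines and return a finding for every request carrying a NUL byte."""
    findings = []
    for line in lines:
        m = CLF_RE.match(line)
        if not m:
            continue  # unparseable line; a production scanner would count these
        where = inspect_target(m["target"])
        if where:
            findings.append({"ip": m["ip"], "target": m["target"], "where": where})
    return findings


def validate_search_input(raw_search: str) -> str:
    """Reject a search string containing a NUL byte before it reaches the regex.

    Rejecting (rather than truncating at the NUL) avoids two stages of the
    server seeing different strings, which is the class of inconsistency the
    advisory describes.
    """
    decoded = unquote_to_bytes(raw_search)
    if b"\x00" in decoded:
        raise ValueError("NUL byte in search input")
    return decoded.decode("utf-8", errors="replace")


if __name__ == "__main__":
    for f in scan_logs(SAMPLE_LOGS):
        print(f"{f['ip']} {f['target']} -> NUL in {', '.join(f['where'])}")
```

Running the block reports the second and third constructed lines (NUL in `query:search` and in `path`) and leaves the `%2500` request alone, since a single percent-decode yields the text `%00`, not a NUL. The same `contains_nul` check is reused by `validate_search_input`, so detection and the server-side rejection agree on what counts as a NUL byte.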
Vendor Information

| Vendor  | Status   | Date Notified | Date Updated |
|---------|----------|---------------|--------------|
| Rejetto | Affected | 03 Oct 2014   | 06 Oct 2014  |
CVSS Metrics
This document was written by Joel Land.
- CVE IDs: CVE-2014-6287
- Date Public: 11 Sep 2014
- Date First Published: 06 Oct 2014
- Date Last Updated: 06 Oct 2014
- Document Revision: 14