Multiple Vulnerabilities In MapServer

Summary
The host is running MapServer and is prone to multiple vulnerabilities.
Impact
Successful exploitation lets an attacker execute arbitrary code in the context of the affected web application and carry out other attacks such as directory traversal, buffer overflow, and denial of service.
Impact Level: System/Application
Solution
Upgrade to version 4.10.4 or 5.2.2, available from http://download.osgeo.org/mapserver
Insight
- Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv due to a negative value in the Content-Length HTTP header.
- Stack-based buffer overflow in mapserv.c in mapserv when a map with a long IMAGEPATH or NAME attribute is used, via a crafted id parameter in a query action.
- Directory traversal vulnerability in mapserv.c in mapserv via a .. (dot dot) in the id parameter while running on Windows with Cygwin.
- Buffer overflow in mapserv.c in mapserv, which does not ensure that the string holding an id parameter ends in a '\0' character.
- Multiple stack-based buffer overflows in maptemplate.c in mapserv.
- Different error messages are generated when a nonexistent file pathname is passed in the queryfile parameter inside the msLoadQuery function in mapserv.
- Partial file contents are displayed within an error message when attempting to read arbitrary invalid .map files via a full pathname in the map parameter in mapserv.
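The first item, a negative Content-Length reaching the POST body reader, is prevented by parsing the header strictly before sizing any buffer. The C code below is an added example, not MapServer's code: `parse_content_length`, `read_post_body` and the `MAX_POST_BODY` limit are hypothetical names and an assumed cap.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_POST_BODY (1024 * 1024) /* assumed cap, not a MapServer constant */

/* Parse a Content-Length header value. Returns 0 and stores the length on
 * success; returns -1 for empty, signed, non-numeric, overflowing or
 * over-limit values. */
int parse_content_length(const char *value, size_t *out)
{
    char *end;
    unsigned long long n;

    /* strtoull() silently accepts leading whitespace and a '-' sign
     * (negating the result), so insist that the first byte is a digit. */
    if (value == NULL || !isdigit((unsigned char)value[0]))
        return -1;
    errno = 0;
    n = strtoull(value, &end, 10);
    if (errno == ERANGE || *end != '\0' || n > MAX_POST_BODY)
        return -1;
    *out = (size_t)n;
    return 0;
}

/* Read exactly the declared number of bytes from `in` into a fresh
 * NUL-terminated buffer. Returns NULL on a bad header or a short read. */
char *read_post_body(const char *content_length, FILE *in, size_t *len)
{
    size_t n;
    char *buf;

    if (parse_content_length(content_length, &n) != 0)
        return NULL;
    buf = malloc(n + 1); /* n <= MAX_POST_BODY, so n + 1 cannot wrap */
    if (buf == NULL)
        return NULL;
    if (fread(buf, 1, n, in) != n) {
        free(buf);
        return NULL;
    }
    buf[n] = '\0'; /* always terminate, whatever the body contains */
    *len = n;
    return buf;
}
```

The caller owns the returned buffer and must `free()` it; a NULL return should be answered with an HTTP 400 rather than any further processing.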
Affected
MapServer version 4.x before 4.10.4 and 5.x before 5.2.2 on all platforms.