Intrusion Prevention

HTTPDX.Tolog.Format.String

Description

This indicates a possible attack against a format-string vulnerability in the HTTP service of HTTPDX HTTP server.
This vulnerability is due to the software's inability to properly handle specially crafted HTTP requests containing format specifiers. A remote attacker may exploit this to cause memory corruption or arbitrary code execution.

Affected Products

HTTPDX server 1.5 and prior versions

Impact

System compromise or denial of service

Recommended Actions

Currently we are not aware of any officially supplied patch for this issue.

CVE References

CVE-2009-4769