GLSA-200807-02 : Motion: Execution of arbitrary code
Critical Nessus Plugin ID 33422
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200807-02 (Motion: Execution of arbitrary code)
Nico Golde reported an off-by-one error within the read_client() function in the webhttpd.c file, leading to a stack-based buffer overflow. Stefan Cornelius (Secunia Research) reported a boundary error within the same function, also leading to a stack-based buffer overflow. Both vulnerabilities require that the HTTP Control interface is enabled.
A remote attacker could exploit these vulnerabilities by sending an overly long or specially crafted request to a vulnerable Motion HTTP control interface, possibly resulting in the execution of arbitrary code with the privileges of the motion user.
There is no known workaround at this time.
SolutionAll Motion users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=media-video/motion-220.127.116.11'