MapServer < 4.10.5/5.2.3/5.4.2 Integer Overflow Vulnerability
High Nessus Network Monitor Plugin ID 5210
SynopsisThe remote web server contains a CGI application that is vulnerable to a remote code execution attack.
DescriptionThe remote web server is running a version of MapServer earlier than 4.10.5 / 5.2.3 / 5.4.2. Such versions are potentially affected by an integer-overflow vulnerability when the application handles large HTTP requests containing specially crafted 'Content-Length' values.
SolutionUpgrade to MapServer 4.10.5, 5.2.3, or 5.4.2.