Vulnerability

    Skyline/SpinBox client

Affected

    SpinBox/1.1

Description

    Tollef Fog Heen found following.  There are some buffer  overflows
    in  SpinBox/1.1  (from  the  spin_server.conf).   SpinBox  is   an
    SSI/cgi-tool used by advertisement companies, made by Skyline.

    Since  this  is  closed  source  software,  Fog  coulnd't post the
    sources.   The buffer  overflows are  mostly in  the query  string
    (strcat and strcpy instead of  strncat and strncpy).  The  cgi-bin
    will usually run with an  uid of nobody (most Unices)  or www-data
    (Debian),  so  depending  on  configuration  the severity might be
    none to possible defacing of web sites.

    If you use the SpinBox client (our ad provided is uniquemedia.net,
    thanks to them for providing sources and in general being  helpful
    and responsive) with  a version number  less than 1.1,  or haven't
    been notified in the last three weeks, you are vulnerable.

Solution

    Vendor is notified.