This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempt to exploit a buffer overflow vulnerability in the Evocam HTTP server for OSX
EvoCam is an HTTP server application available for Mac OS X.
EvoCam is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. The vulnerability occurs when handling a specially crafted HTTP 'GET' request.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the server. Failed exploit attempts will result in a denial-of-service condition.
EvoCam 3.6.6 and 3.6.7 are vulnerable; other versions may also be affected.
- Evological Evocam 3.6.7
- Evological Evocam 3.6.6
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: firstname.lastname@example.org.