Pan Vision IGI-2 Covert Strike Remote Format String Vulnerability
BID:10053
Info
Pan Vision IGI-2 Covert Strike Remote Format String Vulnerability
| Bugtraq ID: | 10053 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 05 2004 12:00AM |
| Updated: | Apr 05 2004 12:00AM |
| Credit: | Discovery of this issue is credited to Luigi Auriemma <[email protected]>. |
| Vulnerable: |
Pan Vision I.G.I-2 Covert Strike 1.3 Pan Vision I.G.I-2 Covert Strike 1.2 Pan Vision I.G.I-2 Covert Strike 1.1 Pan Vision I.G.I-2 Covert Strike 1.0 |
| Not Vulnerable: | |
Discussion
Pan Vision IGI-2 Covert Strike Remote Format String Vulnerability
Reportedly IGI-2 Covert Strike is prone to a remote format string vulnerability. This issue is due to a failure to properly implement a formatted printing function.
This issue may be leverage to cause a denial of service condition in the affected server. Furthermore, this issue may be leveraged to execute arbitrary code within the security context of the affected process, potentially leading to unauthorized access to the system.
Reportedly IGI-2 Covert Strike is prone to a remote format string vulnerability. This issue is due to a failure to properly implement a formatted printing function.
This issue may be leverage to cause a denial of service condition in the affected server. Furthermore, this issue may be leveraged to execute arbitrary code within the security context of the affected process, potentially leading to unauthorized access to the system.
Exploit / POC
Pan Vision IGI-2 Covert Strike Remote Format String Vulnerability
The following exploit has been provided:
http://aluigi.altervista.org/poc/igi2fs.zip
The following exploit has been provided:
http://aluigi.altervista.org/poc/igi2fs.zip
Solution / Fix
Pan Vision IGI-2 Covert Strike Remote Format String Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Pan Vision IGI-2 Covert Strike Remote Format String Vulnerability
References:
References:
- IGI-2 Covert Strike Home Page (Pan Vision)
- Format string bug in IGI 2: Covert Strike 1.3 (Luigi Auriemma
)