Centrinity FirstClass Desktop Client Local Buffer Overflow Vulnerability
BID:10074
Info
Centrinity FirstClass Desktop Client Local Buffer Overflow Vulnerability
| Bugtraq ID: | 10074 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 07 2004 12:00AM |
| Updated: | Apr 07 2004 12:00AM |
| Credit: | Discovery is credited to BOUDOUX and Fred CHAVEROT of I2S-LaB <[email protected]>. |
| Vulnerable: |
Centrinity FirstClass Desktop Client 7.1 |
| Not Vulnerable: | |
Discussion
Centrinity FirstClass Desktop Client Local Buffer Overflow Vulnerability
It has been reported that FirstClass Desktop Client may be prone to a local buffer overflow vulnerability that could allow attackers to execute arbitrary code on a vulnerable system that may lead to elevated privileges. The issue is reported to exist due to the 'PROXYADDR' variable of the 'LOCAL NETWORK.FCP' configuration file.
This issue is reported to exist in Centrinity FirstClass Desktop Client 7.1.
It has been reported that FirstClass Desktop Client may be prone to a local buffer overflow vulnerability that could allow attackers to execute arbitrary code on a vulnerable system that may lead to elevated privileges. The issue is reported to exist due to the 'PROXYADDR' variable of the 'LOCAL NETWORK.FCP' configuration file.
This issue is reported to exist in Centrinity FirstClass Desktop Client 7.1.
Exploit / POC
Centrinity FirstClass Desktop Client Local Buffer Overflow Vulnerability
The following exploit has been provided:
The following exploit has been provided:
Solution / Fix
Centrinity FirstClass Desktop Client Local Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Centrinity FirstClass Desktop Client Local Buffer Overflow Vulnerability
References:
References:
- FirstClass Desktop 7.1 Client buffer overflow vulnerability (K-Otik Security)
- FirstClass Product Page (Centrinity)