Servant Salamander UnaceV2.DLL Buffer Overflow Vulnerability
BID:17729
Info
| Bugtraq ID: | 17729 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 28 2006 12:00AM |
| Updated: | Apr 28 2006 09:05PM |
| Credit: | Tan Chew Keong of Secunia Research disclosed this vulnerability. |
| Vulnerable: | Servant Salamander 2.5 beta 11; Servant Salamander 2.0 |
| Not Vulnerable: | Servant Salamander 2.5 RC1 |
Discussion
Servant Salamander is susceptible to a filename buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
This issue allows attackers to execute arbitrary machine code in the context of users running the affected application.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
This issue has reportedly been addressed in version 2.5 RC 1; please see the reference section for further details.
Servant Salamander 2.5 beta 11
- Servant ss25rc1.exe: ftp://ftp.altap.cz/pub/altap/salamand/ss25rc1.exe

Servant Salamander 2.0
- Servant ss25rc1.exe: ftp://ftp.altap.cz/pub/altap/salamand/ss25rc1.exe
References
References:
- Servant Salamander Web Site (Servant Salamander)
- Secunia Research: Servant Salamander unacev2.dll Buffer Overflow Vulnerability (Secunia Research)