3Com 3CTftpSvc Filename Remote Buffer Overflow Vulnerability
BID:21322
Info
| Bugtraq ID: | 21322 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 27 2006 12:00AM |
| Updated: | Jan 25 2007 04:32PM |
| Credit: | Liu Qixu is credited with the discovery of this vulnerability. |
| Vulnerable: | 3Com 3CTftpSvc 2.0.1 |
| Not Vulnerable: | |
Discussion
3CTftpSvc is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before storing it in a finite-sized buffer.
An attacker can exploit this issue to execute arbitrary code and gain unauthorized remote access to a vulnerable computer. A denial-of-service condition may arise as well.
3CTftpSvc 2.0.1 and prior versions are reported to be vulnerable. Other versions may be affected as well.
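The bounds check whose absence is described above, as an added C example that is not 3Com's code and not part of the original advisory: a TFTP read/write request parser that rejects over-long or unterminated filename and mode fields instead of copying them blindly. The 128- and 16-byte limits, the function names and the sample packet are assumptions; the advisory does not state the real buffer size.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed limits for this example; the advisory gives no real buffer size. */
#define MAX_FILENAME 128
#define MAX_MODE     16
enum { REQ_OK = 0, REQ_MALFORMED = -1, REQ_TOO_LONG = -2 };

struct tftp_req {
    uint16_t opcode;              /* 1 = RRQ, 2 = WRQ (RFC 1350) */
    char filename[MAX_FILENAME];
    char mode[MAX_MODE];
};

/* Copy one NUL-terminated field, bounded by both the bytes left in the
 * datagram and the destination size. Returns bytes consumed or an error. */
static int take_field(const uint8_t *p, size_t remaining, char *dst, size_t dst_size)
{
    const uint8_t *nul = memchr(p, 0, remaining);
    if (nul == NULL) return REQ_MALFORMED;    /* never read past the datagram */
    size_t n = (size_t)(nul - p);
    if (n == 0) return REQ_MALFORMED;         /* empty field */
    if (n >= dst_size) return REQ_TOO_LONG;   /* reject, do not truncate or overflow */
    memcpy(dst, p, n + 1);
    return (int)(n + 1);
}

int parse_tftp_request(const uint8_t *pkt, size_t len, struct tftp_req *out)
{
    if (len < 4) return REQ_MALFORMED;
    out->opcode = (uint16_t)((pkt[0] << 8) | pkt[1]);
    if (out->opcode != 1 && out->opcode != 2)
        return REQ_MALFORMED;
    int used = take_field(pkt + 2, len - 2, out->filename, sizeof out->filename);
    if (used < 0) return used;
    size_t off = 2 + (size_t)used;
    used = take_field(pkt + off, len - off, out->mode, sizeof out->mode);
    return used < 0 ? used : REQ_OK;
}

int main(void)
{
    /* Constructed sample: RRQ for "boot.img" in octet mode. */
    static const uint8_t ok[] = "\0\1" "boot.img\0octet";
    struct tftp_req r;
    printf("%d\n", parse_tftp_request(ok, sizeof ok, &r));
    return 0;
}
```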
Exploit / POC
An exploit is available to members of the Immunity Partner's program:
https://www.immunityinc.com/downloads/immpartners/3comtftp.tar
The following proof-of-concept exploit will demonstrate this issue by crashing the application:
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
References:
- 3Com Software Library (3Com)