TIS Firewall Toolkit FTP-GW Remote Buffer Overflow Vulnerability
BID:21960
Info
TIS Firewall Toolkit FTP-GW Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 21960 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 09 2007 12:00AM |
| Updated: | Jan 10 2007 05:20PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
TIS Internet Firewall Toolkit 2.1 TIS Internet Firewall Toolkit 0 |
| Not Vulnerable: | |
Discussion
TIS Firewall Toolkit FTP-GW Remote Buffer Overflow Vulnerability
TIS Firewall Toolkit is prone to a remote buffer-overflow vulnerability because the software fails to properly check boundaries of user-supplied input prior to copying it to an insufficiently sized stack-based memory buffer.
Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the server application, facilitating the compromise of affected computers.
Other vulnerabilities may also be present, but this has not been confirmed.
TIS Firewall Toolkit is prone to a remote buffer-overflow vulnerability because the software fails to properly check boundaries of user-supplied input prior to copying it to an insufficiently sized stack-based memory buffer.
Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the server application, facilitating the compromise of affected computers.
Other vulnerabilities may also be present, but this has not been confirmed.
Exploit / POC
TIS Firewall Toolkit FTP-GW Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution / Fix
TIS Firewall Toolkit FTP-GW Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
TIS Firewall Toolkit FTP-GW Remote Buffer Overflow Vulnerability
References:
References:
- Firewall Toolkit Homepage (TIS)
- Teaching an Old Dog New Tricks (Marcus J. Ranum)