Transmit 3 Remote Heap Overflow Vulnerability
BID:22145
Info
| Bugtraq ID: | 22145 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-0020 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 20 2007 12:00AM |
| Updated: | Jan 25 2007 04:22PM |
| Credit: | Discovered by KF & LMH. |
| Vulnerable: | Transmit 3 Transmit 3 3.5.5 |
| Not Vulnerable: | |
Discussion
Transmit 3 is prone to a heap-overflow vulnerability because it fails to perform sufficient boundary checks on user-supplied data before copying it to a buffer.
An attacker could leverage this issue to execute arbitrary code with administrative privileges. A successful exploit could result in the complete compromise of the affected system.
Transmit 3 versions 3.5.5 and prior are reported vulnerable.
Exploit / POC
A proof of concept that triggers a denial-of-service condition is available.
Solution / Fix
References
- Mac OS X Homepage (Apple)
- Transmit 3 Web Site (Transmit 3)
- MOAB-19-01-2007: Transmit.app ftps:// URL Handler Heap Buffer Overflow (MOAB)