News Reactor Long File Name Buffer Overflow Vulnerability
BID:22936
Info
News Reactor Long File Name Buffer Overflow Vulnerability
| Bugtraq ID: | 22936 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 13 2007 12:00AM |
| Updated: | Mar 13 2007 05:14PM |
| Credit: | Marsu is credited with the discovery of this issue. |
| Vulnerable: |
NewsReactor NewsReactor 20070220 |
| Not Vulnerable: | |
Discussion
News Reactor Long File Name Buffer Overflow Vulnerability
News Reactor is prone to a remote buffer-overflow because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker could exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
This issue affects version 20070220; other versions may also be affected.
News Reactor is prone to a remote buffer-overflow because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker could exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
This issue affects version 20070220; other versions may also be affected.
Exploit / POC
News Reactor Long File Name Buffer Overflow Vulnerability
An attacker can exploit this issue by enticing an unsuspecting user to grab a specially crafted '.nzb' file using the affected application.
The following exploit code is available:
An attacker can exploit this issue by enticing an unsuspecting user to grab a specially crafted '.nzb' file using the affected application.
The following exploit code is available:
Solution / Fix
News Reactor Long File Name Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
News Reactor Long File Name Buffer Overflow Vulnerability
References:
References:
- NewsReactor Homepage (NewsReactor)