AFFLIB LastModified Remote Buffer Overflow Vulnerability
BID:23695
Info
| Bugtraq ID: | 23695 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-2053 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 27 2007 12:00AM |
| Updated: | Apr 27 2007 12:00AM |
| Credit: | Timothy D. Morgan is credited with the discovery of this issue. |
| Vulnerable: | AFFLIB AFFLIB 2.2 |
| Not Vulnerable: | AFFLIB AFFLIB 2.2.6 |
Discussion
AFFLIB is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Successful exploits may allow remote attackers to execute arbitrary machine code in the context of vulnerable applications using the affected library. Failed exploit attempts will likely result in denial-of-service conditions.
Version 2.2.0 is vulnerable; other versions may also be affected.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Solution:
The vendor addressed this issue in version 2.2.6. Please see the references section for further information.
AFFLIB AFFLIB 2.2
- AFFLIB afflib-2.2.8.tar.gz: http://www.afflib.org/downloads/afflib-2.2.8.tar.gz
References
References:
- AFFLIB Homepage (AFFLIB)
- AFFLIB(TM): Multiple Buffer Overflows (VSR Advisories)