TinyIdentD Remote Buffer Overflow Vulnerability
BID:23981
Info
TinyIdentD Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 23981 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-2711 |
| Remote: | Yes |
| Local: | No |
| Published: | May 14 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | Maarten Boone is credited with the discovery of this issue. |
| Vulnerable: |
TinyIRC TinyIdentD 2.2 |
| Not Vulnerable: | |
Discussion
TinyIdentD Remote Buffer Overflow Vulnerability
TinyIdentD is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of the running application.
TinyIdentD 2.2 and previous versions are vulnerable to this issue.
TinyIdentD is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of the running application.
TinyIdentD 2.2 and previous versions are vulnerable to this issue.
Exploit / POC
TinyIdentD Remote Buffer Overflow Vulnerability
A proof-of-concept exploit is available for this issue.
A proof-of-concept exploit is available for this issue.
Solution / Fix
TinyIdentD Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].