FreeVMS Backup Utility Unspecified Buffer Overflow Vulnerability
BID:24333
Info
FreeVMS Backup Utility Unspecified Buffer Overflow Vulnerability
| Bugtraq ID: | 24333 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-3124 |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 05 2007 12:00AM |
| Updated: | May 07 2015 05:37PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
FreeVMS FreeVMS 0.3.5 |
| Not Vulnerable: |
FreeVMS FreeVMS 0.3.6 |
Discussion
FreeVMS Backup Utility Unspecified Buffer Overflow Vulnerability
FreeVMS backup utility is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.
This issue affects versions prior to FreeVMS 0.3.6
FreeVMS backup utility is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.
This issue affects versions prior to FreeVMS 0.3.6
Exploit / POC
FreeVMS Backup Utility Unspecified Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
FreeVMS Backup Utility Unspecified Buffer Overflow Vulnerability
Solution:
The vendor released version 0.3.6 to address this issue. Please see the references for more information.
FreeVMS FreeVMS 0.3.5
Solution:
The vendor released version 0.3.6 to address this issue. Please see the references for more information.
FreeVMS FreeVMS 0.3.5
-
FreeVMS freevms-0_3_6.tgz
http://freshmeat.net/redir/freevms/18729/url_tgz/freevms-0_3_6.tgz
References
FreeVMS Backup Utility Unspecified Buffer Overflow Vulnerability
References:
References:
- FreeVMS Homepage (FreeVMS)