Racer Remote Buffer Overflow Vulnerability
BID:25297
Info
Racer Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 25297 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4370 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 10 2007 12:00AM |
| Updated: | Dec 19 2014 01:56AM |
| Credit: | n00b is credited with the discovery of this issue. |
| Vulnerable: |
Racer Racer 0.5.3 Gentoo Linux |
| Not Vulnerable: | |
Discussion
Racer Remote Buffer Overflow Vulnerability
Racer is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Successful exploits will compromise the computer. Failed exploit attempts will result in a denial of service.
Racer 0.5.3 beta 5 is vulnerable; other versions may also be affected.
Racer is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Successful exploits will compromise the computer. Failed exploit attempts will result in a denial of service.
Racer 0.5.3 beta 5 is vulnerable; other versions may also be affected.
Exploit / POC
Racer Remote Buffer Overflow Vulnerability
The following exploits are available:
The following exploits are available:
Solution / Fix
Racer Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].