Skulltag Huffman Packet Decompression Remote Heap Based Buffer Overflow Vulnerability

Bugtraq ID:	25423
Class:	Boundary Condition Error
CVE:	CVE-2007-4537
Remote:	Yes
Local:	No
Published:	Aug 23 2007 12:00AM
Updated:	May 07 2015 05:35PM
Credit:	Luigi Auriemma is credited with the discovery of this issue.
Vulnerable:	Skulltag Skulltag 0.97d-beta4.1
Not Vulnerable:

Skulltag Huffman Packet Decompression Remote Heap Based Buffer Overflow Vulnerability

Skulltag is prone to a remote heap-based buffer-overflow vulnerability because it fails to perform adequate boundary-checks on user-supplied input.

Attackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Successful exploits may compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

Skulltag 0.97d-beta4.1 is vulnerable; other versions may also be affected.

Skulltag Huffman Packet Decompression Remote Heap Based Buffer Overflow Vulnerability

The following proof-of-concept exploit code is available:

• /data/vulnerabilities/exploits/25423-skulltaghof.zip

Skulltag Huffman Packet Decompression Remote Heap Based Buffer Overflow Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Skulltag Huffman Packet Decompression Remote Heap Based Buffer Overflow Vulnerability

References:

• Skulltag Homepage (Skulltag)
  
• Heap overflow in Skulltag 0.97d-beta4.1 (Luigi Auriemma)