Motorola Timbuktu Pro for Windows Multiple Remote Buffer Overflow Vulnerabilities
BID:25454
Info
Motorola Timbuktu Pro for Windows Multiple Remote Buffer Overflow Vulnerabilities
| Bugtraq ID: | 25454 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4221 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 27 2007 12:00AM |
| Updated: | Sep 03 2007 07:41PM |
| Credit: | Titon of BastardLabs and two anonymous researchers reported these issues to iDefense. |
| Vulnerable: |
Motorola Timbuktu Pro for Windows 8.6.3 .1367 |
| Not Vulnerable: |
Motorola Timbuktu Pro for Windows 8.6.5 |
Discussion
Motorola Timbuktu Pro for Windows Multiple Remote Buffer Overflow Vulnerabilities
Motorola Timbuktu Pro is prone to multiple remote buffer-overflow vulnerabilities because the software fails to properly bounds-check user-supplied input.
Successfully exploiting these issues allows remote attackers to execute arbitrary machine code with SYSTEM-level privileges, which may lead to a complete compromise of affected computers. Failed exploit attempts likely result in denial-of-service conditions.
Timbuktu Pro 8.6.3.1367 for Windows is vulnerable to these issues; other versions and platforms may also be affected.
Motorola Timbuktu Pro is prone to multiple remote buffer-overflow vulnerabilities because the software fails to properly bounds-check user-supplied input.
Successfully exploiting these issues allows remote attackers to execute arbitrary machine code with SYSTEM-level privileges, which may lead to a complete compromise of affected computers. Failed exploit attempts likely result in denial-of-service conditions.
Timbuktu Pro 8.6.3.1367 for Windows is vulnerable to these issues; other versions and platforms may also be affected.
Exploit / POC
Motorola Timbuktu Pro for Windows Multiple Remote Buffer Overflow Vulnerabilities
Currently we are not aware of any working exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any working exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Motorola Timbuktu Pro for Windows Multiple Remote Buffer Overflow Vulnerabilities
Solution:
Timbuktu Pro 8.6.5 has been released to address these issues. Please see the references for more information.
Solution:
Timbuktu Pro 8.6.5 has been released to address these issues. Please see the references for more information.
References
Motorola Timbuktu Pro for Windows Multiple Remote Buffer Overflow Vulnerabilities
References:
References:
- Release Notes, version 8.6.5 (Motorola)
- Timbuktu Pro Homepage (Motorola)
- iDefense Security Advisory 08.27.07: Motorola Timbuktu Multiple Buffer Overflow (iDefense Labs