CenterTools DriveLock Remote Buffer Overflow Vulnerability
BID:25902
Info
CenterTools DriveLock Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 25902 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-5209 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 03 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | Parvez Anwar is credited with the discovery of this issue. |
| Vulnerable: |
CenterTools DriveLock Security Reporting Center 5.0 CenterTools DriveLock 5.0 CenterTools DriveLock 4.0 |
| Not Vulnerable: |
CenterTools DriveLock Security Reporting Center 5.0 .47 CenterTools DriveLock 5.0 .314 CenterTools DriveLock 4.1.1 .277 |
Discussion
CenterTools DriveLock Remote Buffer Overflow Vulnerability
CenterTools DriveLock is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
This issue is reported to affect DriveLock and DriveLock Security Reporting Center 5.0 and prior versions; other versions may also be affected.
CenterTools DriveLock is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
This issue is reported to affect DriveLock and DriveLock Security Reporting Center 5.0 and prior versions; other versions may also be affected.
Exploit / POC
CenterTools DriveLock Remote Buffer Overflow Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
CenterTools DriveLock Remote Buffer Overflow Vulnerability
Solution:
Reports indicate that the vendor has addressed this issue by releasing DriveLock 5.0.0.314, 4.1.1.277, and DriveLock Security Reporting Server 5.0.0.47.
Symantec was unable to verify this information. If you feel we are in error or if you are aware of more recent information, please mail us at [email protected].
Solution:
Reports indicate that the vendor has addressed this issue by releasing DriveLock 5.0.0.314, 4.1.1.277, and DriveLock Security Reporting Server 5.0.0.47.
Symantec was unable to verify this information. If you feel we are in error or if you are aware of more recent information, please mail us at [email protected].