EchoVNC Remote Buffer Overflow Vulnerability
BID:30722
Info
EchoVNC Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 30722 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2008-3705 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 15 2008 12:00AM |
| Updated: | May 07 2015 05:24PM |
| Credit: | EchoVNC |
| Vulnerable: |
EchoVNC EchoVNC fro Linux 1.1.1 |
| Not Vulnerable: |
EchoVNC EchoVNC fro Linux 1.1.2 |
Discussion
EchoVNC Remote Buffer Overflow Vulnerability
EchoVNC is affected by a remote buffer-overflow vulnerability because the application fails to properly validate user-supplied data before copying it into insufficiently sized buffers.
An attacker may leverage this issue to execute arbitrary code on the affected computer with the privileges of the user running the vulnerable application. Failed exploit attempts will likely cause denial-of-service conditions.
This issue affects versions prior to EchoVNC 1.1.2 for Linux.
EchoVNC is affected by a remote buffer-overflow vulnerability because the application fails to properly validate user-supplied data before copying it into insufficiently sized buffers.
An attacker may leverage this issue to execute arbitrary code on the affected computer with the privileges of the user running the vulnerable application. Failed exploit attempts will likely cause denial-of-service conditions.
This issue affects versions prior to EchoVNC 1.1.2 for Linux.
Exploit / POC
EchoVNC Remote Buffer Overflow Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
EchoVNC Remote Buffer Overflow Vulnerability
Solution:
The vendor has released an update. Please see the references for more information.
EchoVNC EchoVNC fro Linux 1.1.1
Solution:
The vendor has released an update. Please see the references for more information.
EchoVNC EchoVNC fro Linux 1.1.1
-
EchoVNC echovnc_1.1.2_src.tgz
http://downloads.sourceforge.net/echovnc/echovnc_1.1.2_src.tgz
References
EchoVNC Remote Buffer Overflow Vulnerability
References:
References:
- EchoVNC Homepage (EchoVNC )
- EchoVNC Linux 1.1.2 Release Notes (EchoVNC )