RPM Configuration File Handling Remote Buffer Overflow Vulnerability
BID:39493
Info
RPM Configuration File Handling Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 39493 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 15 2010 12:00AM |
| Updated: | Apr 15 2010 06:03PM |
| Credit: | mr_me |
| Vulnerable: |
Brooks Internet Software RPM Remote Print Manager Select 5.0.70 6 Brooks Internet Software RPM Remote Print Manager Elite 5.0.70 6 |
| Not Vulnerable: | |
Discussion
RPM Configuration File Handling Remote Buffer Overflow Vulnerability
RPM (Remote Print Manager) is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will result in a denial-of-service condition.
This issue affects RPM Elite/Select version 5.0.70.6; other versions may be vulnerable as well.
RPM (Remote Print Manager) is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will result in a denial-of-service condition.
This issue affects RPM Elite/Select version 5.0.70.6; other versions may be vulnerable as well.
Exploit / POC
RPM Configuration File Handling Remote Buffer Overflow Vulnerability
The following proof of concept is available:
The following proof of concept is available:
Solution / Fix
RPM Configuration File Handling Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
RPM Configuration File Handling Remote Buffer Overflow Vulnerability
References:
References:
- RPM Remote Print Manager Homepage (Brooks Internet Software)