netkar-PRO Remote Stack Buffer Overflow Vulnerability
BID:39555
Info
netkar-PRO Remote Stack Buffer Overflow Vulnerability
| Bugtraq ID: | 39555 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 13 2010 12:00AM |
| Updated: | Apr 13 2010 12:00AM |
| Credit: | Luigi Auriemma |
| Vulnerable: |
netkar-PRO netkar-PRO 1.1 |
| Not Vulnerable: | |
Discussion
netkar-PRO Remote Stack Buffer Overflow Vulnerability
netkar-PRO is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check messages before copying them to an insufficiently sized memory buffer.
Successful exploits can allow remote attackers to execute arbitrary machine code in the context of the user running the application.
netkar-PRO 1.1 is vulnerable; other versions may also be affected.
netkar-PRO is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check messages before copying them to an insufficiently sized memory buffer.
Successful exploits can allow remote attackers to execute arbitrary machine code in the context of the user running the application.
netkar-PRO 1.1 is vulnerable; other versions may also be affected.
Exploit / POC
netkar-PRO Remote Stack Buffer Overflow Vulnerability
The following proof of concept is available:
The following proof of concept is available:
Solution / Fix
netkar-PRO Remote Stack Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any official vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any official vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].