Sysax Multi Server SFTP Module Buffer Overflow Vulnerability
BID:52191
Info
Sysax Multi Server SFTP Module Buffer Overflow Vulnerability
| Bugtraq ID: | 52191 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 27 2012 12:00AM |
| Updated: | Feb 27 2012 12:00AM |
| Credit: | Craig Freyman |
| Vulnerable: |
Codeorigin Sysax Multi Server 5.53 Codeorigin Sysax Multi Server 5.52 Codeorigin Sysax Multi Server 5.50 Codeorigin Sysax Multi Server 5.25 Codeorigin Sysax Multi Server 4.3 |
| Not Vulnerable: | |
Discussion
Sysax Multi Server SFTP Module Buffer Overflow Vulnerability
Sysax Multi Server is prone to a buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the server. Failed exploit attempts will result in a denial-of-service condition.
Sysax Multi Server 5.53 is vulnerable; prior versions may also be affected.
Sysax Multi Server is prone to a buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the server. Failed exploit attempts will result in a denial-of-service condition.
Sysax Multi Server 5.53 is vulnerable; prior versions may also be affected.
Exploit / POC
Sysax Multi Server SFTP Module Buffer Overflow Vulnerability
The following exploit code is available:
The following exploit code is available:
Solution / Fix
Sysax Multi Server SFTP Module Buffer Overflow Vulnerability
Solution:
Reports indicate that this issue has been fixed in the 5.55 version. Symantec has not verified this information. Please contact the vendor and see the references for more information.
Solution:
Reports indicate that this issue has been fixed in the 5.55 version. Symantec has not verified this information. Please contact the vendor and see the references for more information.
References
Sysax Multi Server SFTP Module Buffer Overflow Vulnerability
References:
References:
- Sysax Multi Server 5.53 SFTP Exploit (Craig Freyman)
- Sysax Multi Server Homepage (Codeorigin)