Ricoh Company DC Software DL-10 'USER' Command Remote Buffer Overflow Vulnerability
BID:52235
Info
Ricoh Company DC Software DL-10 'USER' Command Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 52235 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2012-5002 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 01 2012 12:00AM |
| Updated: | Sep 21 2012 06:20PM |
| Credit: | Julien Ahrens |
| Vulnerable: |
Ricoh Company DC Software DL-10 4.5.0.1 |
| Not Vulnerable: | |
Discussion
Ricoh Company DC Software DL-10 'USER' Command Remote Buffer Overflow Vulnerability
DC Software DL-10 is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized memory buffer.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Ricoh DC Software DL-10 4.5.0.1 is affected; other versions may also be vulnerable.
DC Software DL-10 is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized memory buffer.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Ricoh DC Software DL-10 4.5.0.1 is affected; other versions may also be vulnerable.
Exploit / POC
Ricoh Company DC Software DL-10 'USER' Command Remote Buffer Overflow Vulnerability
The following exploit codes are available:
The following exploit codes are available:
Solution / Fix
Ricoh Company DC Software DL-10 'USER' Command Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Ricoh Company DC Software DL-10 'USER' Command Remote Buffer Overflow Vulnerability
References:
References:
- DC Software DL-10 Download Page (Ricoh Company)
- DC Software DL-10 Home Page (Ricoh Company)