Buffer overflow : SIDVault 'simple_bind()' Function Multiple Remote Buffer Overflow Vulnerabilities

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.100270

Kategorie: Buffer overflow

Titel: SIDVault 'simple_bind()' Function Multiple Remote Buffer Overflow Vulnerabilities

Zusammenfassung: SIDVault is prone to multiple remote buffer-overflow vulnerabilities because; the application fails to properly bounds- check user-supplied input before; copying it to an insufficiently sized memory buffer.

Beschreibung: Summary:
SIDVault is prone to multiple remote buffer-overflow vulnerabilities because
the application fails to properly bounds- check user-supplied input before
copying it to an insufficiently sized memory buffer.

Vulnerability Impact:
An attacker can exploit these issues to execute arbitrary code with superuser
privileges. Successfully exploiting these issues will result in the complete
compromise of affected computers. Failed exploit attempts will result in a
denial-of-service condition.

Affected Software/OS:
These issues affect versions prior to SIDVault 2.0f.

Solution:
The vendor released SIDVault 2.0f to address this issue. Please see
the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-4566
BugTraq ID: 25460
http://www.securityfocus.com/bid/25460
Bugtraq: 20070826 SIDVault LDAP Server Remote Buffer Overflow (Google Search)
http://www.securityfocus.com/archive/1/477821/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065453.html
http://www.securitytracker.com/id?1018612
http://secunia.com/advisories/26613
http://securityreason.com/securityalert/3061
http://www.vupen.com/english/advisories/2007/2976
XForce ISS Database: sidvault-ldap-bo(36272)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36272

Copyright Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.100270
Kategorie:	Buffer overflow
Titel:	SIDVault 'simple_bind()' Function Multiple Remote Buffer Overflow Vulnerabilities
Zusammenfassung:	SIDVault is prone to multiple remote buffer-overflow vulnerabilities because; the application fails to properly bounds- check user-supplied input before; copying it to an insufficiently sized memory buffer.
Beschreibung:	Summary: SIDVault is prone to multiple remote buffer-overflow vulnerabilities because the application fails to properly bounds- check user-supplied input before copying it to an insufficiently sized memory buffer. Vulnerability Impact: An attacker can exploit these issues to execute arbitrary code with superuser privileges. Successfully exploiting these issues will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition. Affected Software/OS: These issues affect versions prior to SIDVault 2.0f. Solution: The vendor released SIDVault 2.0f to address this issue. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4566 BugTraq ID: 25460 http://www.securityfocus.com/bid/25460 Bugtraq: 20070826 SIDVault LDAP Server Remote Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/477821/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065453.html http://www.securitytracker.com/id?1018612 http://secunia.com/advisories/26613 http://securityreason.com/securityalert/3061 http://www.vupen.com/english/advisories/2007/2976 XForce ISS Database: sidvault-ldap-bo(36272) https://exchange.xforce.ibmcloud.com/vulnerabilities/36272
Copyright	Copyright (C) 2009 Greenbone AG