Buffer overflow : TORQUE Resource Manager Stack Buffer Overflow Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.804456

Categoría: Buffer overflow

Título: TORQUE Resource Manager Stack Buffer Overflow Vulnerability

Resumen: TORQUE Resource Manager is prone to stack buffer overflow vulnerability.

Descripción: Summary:
TORQUE Resource Manager is prone to stack buffer overflow vulnerability.

Vulnerability Insight:
The flaw is due to a boundary error within the 'disrsi_()' function
(src/lib/Libdis/disrsi_.c), which can be exploited to cause a stack-based buffer overflow.

Vulnerability Impact:
Successful exploitation will allow remote attacker to execute arbitrary code
and cause a denial of service.

Affected Software/OS:
TORQUE versions 2.5 through 2.5.13.

Solution:
Upgrade to TORQUE 4.2 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-0749
BugTraq ID: 67420
http://www.securityfocus.com/bid/67420
Bugtraq: 20140515 [CVE-2014-0749] TORQUE Buffer Overflow (Google Search)
http://www.securityfocus.com/archive/1/532110/100/0/threaded
Debian Security Information: DSA-2936 (Google Search)
http://www.debian.org/security/2014/dsa-2936
http://www.exploit-db.com/exploits/33554
http://packetstormsecurity.com/files/126651/Torque-2.5.13-Buffer-Overflow.html
http://packetstormsecurity.com/files/126855/TORQUE-Resource-Manager-2.5.13-Buffer-Overflow.html
https://labs.mwrinfosecurity.com/advisories/2014/05/14/torque-buffer-overflow
https://labs.mwrinfosecurity.com/system/assets/662/original/torque-buffer-overflow_2014-05-14.pdf
http://osvdb.org/show/osvdb/107024

Copyright Copyright (C) 2014 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.804456
Categoría:	Buffer overflow
Título:	TORQUE Resource Manager Stack Buffer Overflow Vulnerability
Resumen:	TORQUE Resource Manager is prone to stack buffer overflow vulnerability.
Descripción:	Summary: TORQUE Resource Manager is prone to stack buffer overflow vulnerability. Vulnerability Insight: The flaw is due to a boundary error within the 'disrsi_()' function (src/lib/Libdis/disrsi_.c), which can be exploited to cause a stack-based buffer overflow. Vulnerability Impact: Successful exploitation will allow remote attacker to execute arbitrary code and cause a denial of service. Affected Software/OS: TORQUE versions 2.5 through 2.5.13. Solution: Upgrade to TORQUE 4.2 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0749 BugTraq ID: 67420 http://www.securityfocus.com/bid/67420 Bugtraq: 20140515 [CVE-2014-0749] TORQUE Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/532110/100/0/threaded Debian Security Information: DSA-2936 (Google Search) http://www.debian.org/security/2014/dsa-2936 http://www.exploit-db.com/exploits/33554 http://packetstormsecurity.com/files/126651/Torque-2.5.13-Buffer-Overflow.html http://packetstormsecurity.com/files/126855/TORQUE-Resource-Manager-2.5.13-Buffer-Overflow.html https://labs.mwrinfosecurity.com/advisories/2014/05/14/torque-buffer-overflow https://labs.mwrinfosecurity.com/system/assets/662/original/torque-buffer-overflow_2014-05-14.pdf http://osvdb.org/show/osvdb/107024
Copyright	Copyright (C) 2014 Greenbone AG