Test ID:	1.3.6.1.4.1.25623.1.0.900924
Category:	Buffer overflow
Title:	Foxit WAC Server Buffer Overflow Vulnerability
Summary:	Foxit WAC Server is prone to a buffer overflow vulnerability.
Description:	Summary: Foxit WAC Server is prone to a buffer overflow vulnerability. Vulnerability Insight: A heap-based buffer-overflow occurs in the 'wacsvr.exe' while processing overly long packets sent to SSH/Telnet ports. Vulnerability Impact: Successful exploitation will let the attackers execute arbitrary code and crash the application to cause denial of service. Affected Software/OS: Foxit WAC Server 2.0 Build 3503 and prior on Windows. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-7031 BugTraq ID: 27873 http://www.securityfocus.com/bid/27873 Bugtraq: 20080219 Two heap overflow in Foxit WAC Server 2.0 Build 3503 (Google Search) http://www.securityfocus.com/archive/1/488366/100/200/threaded http://aluigi.org/adv/wachof-adv.txt http://osvdb.org/50997 http://secunia.com/advisories/28272 XForce ISS Database: wacserver-ssh-bo(40608) https://exchange.xforce.ibmcloud.com/vulnerabilities/40608
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.