Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4221

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-4221
Last Modified 07 Mar 2011 09:58:00
Published 28 Aug 2007 09:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4221

Summary

Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Windows allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via (1) a long user name and (2) certain malformed requests; and (3) allow remote Timbuktu servers to have an unknown impact via a malformed HELLO response, related to the Scanner component and possibly related to a malformed computer name.

Vulnerable Systems

Application

  • Motorola Timbuktu 8.6.3.1367


References

BID - 25454

VUPEN - ADV-2007-2990

SECUNIA - 26588

IDEFENSE - 20070827 Motorola Timbuktu Multiple Buffer Overflow Vulnerabilities

CONFIRM - ftp://ftp-xo.netopia.com/evaluation/docs/timbuktu/win/865/relnotes/TB2Win865Evalrn.pdf

XF - timbuktu-scanner-bo(36282)

XF - timbuktu-login-bo(36281)

XF - timbuktu-protocol-bo(36280)

SECTRACK - 1018614


Last Updated: 27 May 2016 10:45:48