Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5256

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5256
Last Modified 07 Mar 2011 10:00:23
Published 06 Oct 2007 01:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5256

Summary

Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlier, allow (1) remote attackers to execute arbitrary code via a long HELP command on TCP port 3010 to the sysuser::exechelp function in sysuser.cc and (2) remote authenticated users to execute arbitrary code via long commands on TCP port 6809 to the servinterface::sendmulticast function in servinterface.cc, as demonstrated by a PIcallsign command.

Vulnerable Systems

Application

  • Mcdu Fsd 2.052 D9

  • Mcdu Fsd 3.000 D9


References

VUPEN - ADV-2007-3334

BID - 25883

BUGTRAQ - 20071001 Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9

MILW0RM - 4484

SECUNIA - 27045

SECUNIA - 27008

MISC - http://aluigi.altervista.org/adv/fsdbof-adv.txt

BUGTRAQ - 20071004 Re: Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9[EXPLOIT]

SREASON - 3195


Last Updated: 27 May 2016 10:46:08