Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2007-4221 to a friend New vulnerability? New tool? Tell us	CVE-2007-4221 Motorola Timbuktu Multiple Buffer Overflow Vulnerabilities     Credit: The information has been provided by iDefense. The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=590 Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2007-4221 Details Check for CVE-2007-4221 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * Motorola Inc.'s Timbuktu Pro for Windows version 8.6.3.1367.  * (Older versions are suspected to be vulnerable). The first issue exists within the handling of malformed application level protocol requests. Certain requests lead to an arbitrary length overflow of a buffer located on the heap. The second vulnerability exists within the processing of log in requests. By specifying an overly long user name, it is possible to cause heap corruption. The third vulnerability specifically exists within the "Scanner" functionally. By running a malicious socket server on TCP port 407, an attacker is able to cause a buffer overflow with a malformed "HELLO" response packet. Exploitation of these vulnerabilities allows attackers to crash the Timbuktu Pro server or potentially execute arbitrary code with SYSTEM privileges. In all cases, no authentication credentials are required to access the vulnerable code. In order to exploit the first two vulnerabilities, the attacker needs only the ability to initiate a session with the Timbuktu service. This service typically runs on TCP or UDP port 407. The third vulnerability requires access to the local network since the problem lies in the handling of a response from a scanned server. Additionally, an attacker would need to persuade a user to attempt to connect to the malicious server. Workaround: Employing firewalls to limit access to the affected service's open ports (TCP and UDP port 407) can help prevent potential exposure to these vulnerabilities. Vendor Status: Motorola Inc. has addressed these vulnerabilities by releasing version 8.6.5 of Timbuktu Pro for Windows. For more information, consult the release notes at the following URL. ftp://ftp-xo.netopia.com/evaluation/docs/timbuktu/win/865/relnotes/TB2Win865Evalrn.pdf CVE Information: CVE-2007-4221 Disclosure Timeline:  * 07/18/2007 - Initial vendor notification  * 07/19/2007 - Initial vendor response  * 08/27/2007 - Coordinated public disclosure  Comments on CVE-2007-4221:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®