A remote overflow exists in CDE dtspcd. dtspcd fails to perform proper bounds checking within 'libDtSvc' resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
Classification
Location:
Remote / Network Access
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Public
Disclosure:
OSVDB Verified
Solution
Currently, there are no known workarounds to correct this issue. However, each respective vendor has released a patch and/or new software versions to address this vulnerability.
This product uses the Daylife API but is not endorsed or certified by Daylife.
This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.