Info

Disclosure

Mar 03, 2002

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

An overflow exists in DConnect. The program fails to validate input to variables in main.c resulting in a buffer overflow. With a specially crafted request, an attacker can potentially execute arbitrary code resulting in a loss of integrity.

Classification

Location: Unknown Location
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Upgrade to version 0.0.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

DConnect

Daemon

0.0.2

References

Vendor URL: http://www.dc.ds.pg.gda.pl/
Vendor Specific Advisory URL: http://www.dc.ds.pg.gda.pl/?page=doc
http://www.dc.ds.pg.gda.pl/?page=doc&doc=changelog

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218