Lucene search
SAINT CorporationSAINT:36EFBE36368592C7675A3D39A9188864HistoryMay 15, 2008 - 12:00 a.m.
Motorola Timbuktu login request buffer overflow
2008-05-1500:00:00
SAINT Corporation
download.saintcorporation.com
15
EPSS
0.238
Percentile
96.6%
Added: 05/15/2008
CVE: CVE-2007-4221
BID: 25454
OSVDB: 40124
Background
Motorola Timbuktu is remote control software for Windows and Mac. It runs a service which listens for connections on port 407/TCP or 407/UDP.
Problem
A buffer overflow vulnerability when processing login requests allows remote attackers to execute arbitrary commands by sending a long, specially crafted user name to the Timbuktu service.
Resolution
Upgrade to Timbuktu Pro version 8.6.5.
References
<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=590>
Limitations
Exploit works on Motorola Timbuktu Pro 8.6.3.
Platforms
Windows
Related
checkpoint_advisories
checkpoint_advisories
Motorola Timbuktu Crafted Login Request Buffer Overflow (CVE-2007-4221)
2008-04-24 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 08.27.07: Motorola Timbuktu Multiple Buffer Overflow Vulnerabilities
2007-08-29 00:00:00
Timbuktu multiple security vulnerabilities
2007-08-29 00:00:00
saint
saint
Motorola Timbuktu login request buffer overflow
2008-05-15 00:00:00
Motorola Timbuktu login request buffer overflow
2008-05-15 00:00:00
Motorola Timbuktu login request buffer overflow
2008-05-15 00:00:00
cve
cve
CVE-2007-4221
2007-08-29 01:17:00
prion
prion
Buffer overflow
2007-08-29 01:17:00
cvelist
cvelist
CVE-2007-4221
2007-08-29 01:00:00
nvd
nvd
CVE-2007-4221
2007-08-29 01:17:00
nessus
nessus
Timbuktu Pro < 8.6.5 Multiple Vulnerabilities
2007-08-30 00:00:00