Active Fax Server's FTP service has a buffer overflow vulnerability that can be exploited by a remote authenticated atacker. The bug can be triggered after the user has aunthenticated himself by sending a RETR command followed by a very large string. ActiveFax server will be left inaccessible after successful exploitation.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing ActFax Server. The vulnerability is caused due to a boundary error when processing an overly long Print Job command on the Line Printer Daemon Server (LPD-Server) . This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing ActFax Server. The vulnerability is caused due to a boundary error when processing an overly long USER name on the FTP Server. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing ActFax Raw Server. A Buffer Overflow vulnerability in ActFax Server RAW server used to transfer fax messages without protocols. Data fields. @F506,@F605, and @F000 are vulnerable.
Subscribe to Remote