Vulnerabilities > CVE-2006-4125 - Remote Buffer Overflow vulnerability in Dconnect Daemon 0.0.2/0.0.3/0.7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to execute arbitrary code via a large nickname, which is not properly handled by the listen_thread_udp function. This vulnerability is addressed in the following product release: DConnect, DConnect Daemon, 0.7.1
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description | DConnect Daemon Listen Thread UDP Remote Buffer Overflow Vulnerability. CVE-2006-4125. Remote exploits for multiple platform |
id | EDB-ID:28344 |
last seen | 2016-02-03 |
modified | 2006-08-06 |
published | 2006-08-06 |
reporter | Luigi Auriemma |
source | https://www.exploit-db.com/download/28344/ |
title | DConnect Daemon Listen Thread UDP Remote Buffer Overflow Vulnerability |
References
- http://secunia.com/advisories/21384
- http://securityreason.com/securityalert/1377
- http://securitytracker.com/id?1016641
- http://www.dc.ds.pg.gda.pl/
- http://www.dc.ds.pg.gda.pl/?page=doc&doc=changelog
- http://www.securityfocus.com/archive/1/442440/100/0/threaded
- http://www.securityfocus.com/bid/19369
- http://www.vupen.com/english/advisories/2006/3181
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28276