Vulnerabilities > CVE-2007-1173 - Remote Buffer Overflow vulnerability in Multiple Vendor XFERWAN.EXE
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Application | 1 |
References
- http://osvdb.org/35076
- http://secunia.com/advisories/24090
- http://secunia.com/advisories/24281
- http://secunia.com/advisories/24329
- http://secunia.com/secunia_research/2007-41/advisory/
- http://secunia.com/secunia_research/2007-42/advisory/
- http://secunia.com/secunia_research/2007-43/advisory/
- http://www.securityfocus.com/bid/24002
- http://www.securitytracker.com/id?1018072
- http://www.vupen.com/english/advisories/2007/1832
- http://www.vupen.com/english/advisories/2007/1833
- http://www.vupen.com/english/advisories/2007/1834
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34313