Netcat doexec.c buffer overflow
netcat-doexec-bo (18681)
Description:
Netcat is vulnerable to a buffer overflow in the doexec.c file. If Netcat is run with the '-e' option, a remote attacker could send a malicious packet to overflow a buffer and execute arbitrary code on the system.
Consequences:
Gain Access
Remedy:
Upgrade to the latest version of Netcat for Windows (1.11 or later), available from the VulnWatch Web site. See References.
References:
- CIAC Information Bulletin P-116: Apple Security Update 2005-001 for Mac OS X.
- VulnWatch Mailing List, Mon Dec 27 2004 - 02:48:20 CST: [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc inside..
- VulnWatch Mailing List, Mon Dec 27 2004 - 19:36:22 CST: Re: [HAT-SQUAD] NetCat Remote Critical Vulnerability, Poc inside..
- VulnWatch Web site: Netcat for Windows 1.1.
- VulnWatch Web site: netcat 1.11 for Windows is released.
- BID-12106: NetCat Exec Mode Client Request Buffer Overflow Vulnerability
- CVE-2004-1317: Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command.
Platforms Affected:
- NetCat Netcat 1.1
Reported:
Dec 27, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
