Lucene search

[email protected]CVE-2008-1491

HistoryMar 25, 2008 - 7:44 p.m.

CVE-2008-1491

2008-03-2519:44:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-1491

dpc proxy server

dpcproxy.exe

asus remote console

arc

asmb3

buffer overflow

remote code execution

tcp port 623

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.755 High

EPSS

Percentile

98.2%

JSON

Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.

Affected configurations

NVD

Node

asusremote_consoleMatch2.0.0.19

asusremote_consoleMatch2.0.0.24

CPENameOperatorVersion
asus:remote_consoleasus remote consoleeq2.0.0.19
asus:remote_consoleasus remote consoleeq2.0.0.24

CPE	Name	Operator	Version
asus:remote_console	asus remote console	eq	2.0.0.19
asus:remote_console	asus remote console	eq	2.0.0.24

References

aluigi.altervista.org/adv/asuxdpc-adv.txt

secunia.com/advisories/29402

securityreason.com/securityalert/3771

www.securityfocus.com/archive/1/489966/100/0/threaded

www.securityfocus.com/bid/28394

www.vupen.com/english/advisories/2008/0982/references

exchange.xforce.ibmcloud.com/vulnerabilities/41358

www.exploit-db.com/exploits/5694

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.755 High

EPSS

Percentile

98.2%

JSON

Related for CVE-2008-1491

packetstorm1 prion1 cvelist1 nvd1