Polycom 2.2/3.0 ViaVideo Buffer Overflow Vulnerability

ID EDB-ID:21941
Type exploitdb
Reporter prophecy.net.nz
Modified 2002-10-15T00:00:00


Polycom 2.2/3.0 ViaVideo Buffer Overflow Vulnerability. CVE-2002-1905 . Dos exploit for windows platform

                                            source: http://www.securityfocus.com/bid/5964/info

A buffer overflow vulnerability has been reported for ViaVideo.

An attacker can exploit this vulnerability by issuing excessively long 'GET' requests to ViaVideo devices. This will cause an error in the 'vvws.dll' library and will cause the ViaVideo service to crash.

Although unconfirmed, it may be possible for a remote attacker to exploit this issue to execute arbitrary system commands with the privileges of the ViaVideo process. 

perl -e 'print "GET " . "A" x 4132 . " HTTP/1.0\r\n\r\n";' | netcat 3603