VooDoo cIRCle BOTNET Remote Overflow

2005-04-25T10:57:19
ID OSVDB:15830
Type osvdb
Reporter OSVDB
Modified 2005-04-25T10:57:19

Description

Vulnerability Description

A remote overflow exists in VooDoo cIRCle BOTNET. VooDoo cIRCle BOTNET fails to properly perform bounds checking of user-supplied input in the handling of packets from BOTNET connections resulting in a buffer overflow. With a specially crafted request, an attacker can crash a vulnerable bot resulting in a loss of availability. Successful exploitation requires access to establish a BOTNET connection (e.g. knowledge of password or client SSL certificate).

Solution Description

Upgrade to version 1.0.33 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in VooDoo cIRCle BOTNET. VooDoo cIRCle BOTNET fails to properly perform bounds checking of user-supplied input in the handling of packets from BOTNET connections resulting in a buffer overflow. With a specially crafted request, an attacker can crash a vulnerable bot resulting in a loss of availability. Successful exploitation requires access to establish a BOTNET connection (e.g. knowledge of password or client SSL certificate).

References:

Vendor URL: http://voodoo-circle.sourceforge.net/ Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=323254 Secunia Advisory ID:15110 ISS X-Force ID: 20273 Bugtraq ID: 13394