Lucene search
SAINT CorporationSAINT:03C53671DB55D46451E248238A4A7576HistoryFeb 22, 2013 - 12:00 a.m.
BigAnt Server SCH and DUPF Stack Overflow
2013-02-2200:00:00
SAINT Corporation
www.saintcorporation.com
14
EPSS
0.871
Percentile
98.7%
Added: 02/22/2013
CVE: CVE-2012-6275
BID: 57214
OSVDB: 89344
Background
BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more.
Problem
BigAnt Server versions 2.97 SP7 and prior are vulnerable to a stack overflow condition due to improper validation of user supplied username and filename fields when handling SCH and DUPF commands.
Resolution
No patch is available from the vendor at this time.
References
<http://www.kb.cert.org/vuls/id/990652>
Limitations
This exploit has been tested against BigAntSoft BigAnt Server 2.97 SP7 on Windows Server 2003 SP2 English (DEP OptOut) and Windows Server 2008 SP2 (DEP OptOut).
Platforms
Windows
Related
checkpoint_advisories
checkpoint_advisories
BigAnt Server SCH Request Stack Buffer Overflow (CVE-2012-6275)
2013-03-28 00:00:00
saint
saint
BigAnt Server SCH and DUPF Stack Overflow
2013-02-22 00:00:00
BigAnt Server SCH and DUPF Stack Overflow
2013-02-22 00:00:00
BigAnt Server SCH and DUPF Stack Overflow
2013-02-22 00:00:00
zdt
zdt
BigAnt Server 2 SCH And DUPF Buffer Overflow Vulnerability
2013-02-20 00:00:00
packetstorm
packetstorm
BigAnt Server 2 SCH And DUPF Buffer Overflow
2013-02-20 00:00:00
nvd
nvd
CVE-2012-6275
2013-02-24 11:48:21
cve
cve
CVE-2012-6275
2013-02-24 11:48:21
cvelist
cvelist
CVE-2012-6275
2013-02-24 11:00:00
metasploit
metasploit
BigAnt Server 2 SCH And DUPF Buffer Overflow
2013-02-17 19:21:45
exploitdb
exploitdb
BigAnt Server 2.97 - SCH / DUPF Buffer Overflow (Metasploit)
2013-02-20 00:00:00
prion
prion
Stack overflow
2013-02-24 11:48:00
cert
cert
BigAnt IM Message server and components contain multiple vulnerabilities
2013-01-09 00:00:00
openvas
openvas
BigAntSoft BigAnt IM Message Server Multiple Vulnerabilities
2013-03-04 00:00:00