BigAnt IM Server DDNF username Field Remote Overflow

2013-04-22T00:00:00
ID SAINT:6193DD28C768D347C2210C26033CE6F4
Type saint
Reporter SAINT Corporation
Modified 2013-04-22T00:00:00

Description

Added: 04/22/2013
BID: 58998
OSVDB: 92239

Background

BigAnt Messenger Server offers secure instant messaging, file transfer, VoIP, video chat, web conferencing and more.

Problem

BigAnt IM Server is vulnerable to a buffer overflow in the **expsrv.dll** library caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to execute arbitrary code by sending a specially crafted DDNF request with an overly large "username" field.

Resolution

Upgrade to a fixed version of BigAnt Server when one becomes available.

References

<http://secunia.com/advisories/52967/>

Limitations

This exploit was tested against BigAntSoft BigAnt Server 2.97 SP7 on Windows Server 2003 SP2 English (DEP OptOut) and Microsoft Windows Server 2008 SP2 (DEP OptOut).

Platforms

Windows