Timbuktu Pro < 8.6.5 Multiple Vulnerabilities

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has a program that is affected by multiple
issues.

Description :

According to its version, the installation of Timbuktu Pro on the
remote host reportedly is affected by three buffer overflows that can
be exploited without authentication to crash the service or execute
arbitrary code on the affected host with SYSTEM privileges.

In addition, the application also may allow for creation or deletion
of arbitrary files with SYSTEM privileges on the affected host.

See also :

http://www.nessus.org/u?0e048278
http://www.nessus.org/u?83c900c6
http://seclists.org/bugtraq/2007/Aug/424
http://seclists.org/bugtraq/2007/Aug/425
http://www.nessus.org/u?f33df19c

Solution :

Upgrade to Timbuktu Pro for Windows version 8.6.5 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 25954 ()

Bugtraq ID: 25453
25454

CVE ID: CVE-2007-4220
CVE-2007-4221

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now