Timbuktu Pro < 8.6.7 PlughNTCommand Named Pipe Remote Stack Buffer Overflow

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a program that is prone to a remote
buffer overflow attack.

Description :

The remote Windows host contains a version of Motorola Inc.'s Timbuktu
Pro that is earlier than 8.6.7. Timbuktu Pro allows remote access to a
computer's desktop, and versions before 8.6.7 reportedly contain a
stack-based buffer overflow that can be triggered when the
'PlughNTCommand' named pipe receives an overly large character string.
An unauthenticated, remote attacker can leverage this issue to crash
the affected application or to execute arbitrary code with SYSTEM
privileges.

See also :

http://www.nessus.org/u?34edc10d
http://www.securityfocus.com/archive/1/504554/30/0/threaded
http://www.nessus.org/u?41cf5a58

Solution :

Upgrade to Timbuktu Pro for Windows version 8.6.7 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 39563

Bugtraq ID: 35496

CVE ID: CVE-2009-1394
