Timbuktu Pro < 8.6.7 PlughNTCommand Named Pipe Remote Stack Buffer Overflow

Critical Nessus Plugin ID 39563


Synopsis

The remote Windows host contains a program that is prone to a remote buffer overflow attack.

Description

The remote Windows host contains a version of Motorola Inc.'s Timbuktu Pro that is earlier than 8.6.7. Timbuktu Pro allows remote access to a computer's desktop, and versions before 8.6.7 reportedly contain a stack-based buffer overflow that can be triggered when the 'PlughNTCommand' named pipe receives an overly large character string. An unauthenticated, remote attacker can leverage this issue to crash the affected application or to execute arbitrary code with SYSTEM privileges.

Solution

Upgrade to Timbuktu Pro for Windows version 8.6.7 or later.

Plugin Details

Severity: Critical

ID: 39563

File Name: timbuktu_867.nasl

Version: $Revision: 1.15 $

Type: local

Agent: windows

Family: Windows

Published: 2009/06/28

Modified: 2016/11/23

Dependencies: 13855

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

Core Impact

Metasploit (Timbuktu PlughNTCommand Named Pipe Buffer Overflow)

Reference Information

CVE: CVE-2009-1394

BID: 35496

OSVDB: 55436

CWE: 119