|
|
CVE Reference: CVE-2007-4450 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-4450 |
|
|
Description: The server in Toribash 2.71 and earlier does not properly handle long commands, which allows remote attackers to trigger a protocol violation in which data is sent to other clients without a required LF character, as demonstrated by a SAY command. NOTE: the security impact of this violation is not clear, although it probably makes exploitation of CVE-2007-4449 easier. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/3033 SAID Secunia Advisory: SA26507 MISC http://aluigi.org/poc/toribashish.zip BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/477025/100/0/threaded BID 25359 |
|
| Return to the previous page. |
