Summary
Omni-NFS is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied network data before copying it into an insufficiently sized memory buffer. The issues affect both server and client.
Exploiting these issues allows attackers to execute arbitrary machine code in the context of users running the affected application. Failed attempts will likely crash the application, resulting in denial-of- service conditions.
Omni-NFS 5.2 is vulnerable
other versions may also be affected.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Audition '.ses' Multiple Buffer Overflow Vulnerabilities (Windows)
- Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Linux)
- Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Linux)
- DesignWorks Professional '.cct' File BOF Vulnerability
- A-V Tronics InetServ POP3 Denial Of Service Vulnerability