|
|
>> LiveData Inter-Control Center Communications Protocol Server Remote Vulnerability
|
Title : LiveData Inter-Control Center Communications Protocol Server Remote Vulnerability
VUPEN ID : VUPEN/ADV-2006-1830
CVE ID : CVE-2006-0059
Rated as : High Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-05-16
|
A vulnerability has been identified in LiveData Inter-Control Center Communications Protocol (ICCP) Server, which could be exploited by remote attackers to execute arbitrary commands or cause a denial of service. This flaw is due to a heap overflow error in the ISO Transport Service over TCP (RFC 1006) implementation that does not properly handle malformed packets, which could be exploited by remote unauthenticated attackers to crash or potentially compromise a vulnerable server.
Affected Products
LiveData ICCP Server versions prior to 5.00.035
Solution
Upgrade to LiveData ICCP Server version 5.00.035 or later :
ftp://ftp.livedata.com/
References
http://www.vupen.com/english/advisories/2006/1830
http://www.kb.cert.org/vuls/id/190617
Credits
Vulnerability reported by Matt Franz (Digital Bond Inc.)
ChangeLog
2006-05-16 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
