In association with heise online

28 August 2007, 13:10

Security vulnerability in Timbuktu remote control software


The Timbuktu remote control software from Motorola contains multiple security vulnerabilities which unauthenticated attackers can exploit to remotely inject and execute arbitrary program code. A further vulnerability enables the creation of files and deletion of existing files on a system running the product.

According to security advisories from iDefense, specially crafted network requests and over-long login names can cause a heap-based buffer overflow. While a connection to a Timbuktu server is being established, specially crafted response packets, for instance from servers that are being scanned, can also trigger a buffer overflow. A further vulnerability affects file transfers: because directory traversal constructs (path specifications containing ../ entries) are not checked, attackers can create arbitrary files with system privileges. Where a file already exists, the software renames it, but if the file transfer is aborted, the originally specified file is deleted.

The buffer overflow flaws affect Timbuktu version 8.6.3.1367 for Windows and possibly older versions, whereas the directory traversal vulnerability also affects the Mac version. The vulnerabilities have been fixed in Timbuktu 8.6.5, released by Motorola. Administrators should either install the new version or block or restrict access to TCP and UDP port 407, on which the software listens for incoming connections.
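The two file-transfer weaknesses described above, a path check that does not catch ../ entries and an aborted transfer that removes the pre-existing file, map onto two defences a receiving end can apply. The following is an added illustration written for this article, not Timbuktu's own code: the transfer root, file names and chunk data are constructed; client-supplied paths are resolved and checked for containment before use, and uploads land in a temporary file that only replaces the destination once the transfer completes.

```python
import os
import tempfile
from pathlib import Path

def safe_destination(root: Path, requested: str) -> Path:
    """Map a client-supplied path onto a location strictly inside root."""
    root = root.resolve()
    # Treat the request as relative, then resolve symlinks and '..' before checking containment.
    candidate = (root / requested.lstrip("/\\")).resolve()
    if candidate == root or root not in candidate.parents:
        raise ValueError(f"destination escapes transfer root: {requested!r}")
    return candidate

def receive_file(root: Path, requested: str, chunks) -> Path:
    """Store an incoming transfer; an abort leaves any existing file untouched."""
    dest = safe_destination(root, requested)
    dest.parent.mkdir(parents=True, exist_ok=True)
    fd, tmp_name = tempfile.mkstemp(dir=str(dest.parent), prefix=".incoming-")
    try:
        with os.fdopen(fd, "wb") as tmp:
            for chunk in chunks:       # the iterator may raise mid-transfer
                tmp.write(chunk)
        os.replace(tmp_name, dest)     # swap in only once the whole file arrived
    except Exception:
        os.unlink(tmp_name)            # discard the partial upload, keep the old file
        raise
    return dest

def demo() -> dict:
    """Run both defences against a constructed transfer root; return outcomes."""
    root = Path(tempfile.mkdtemp())    # constructed sample root, not a real deployment path
    (root / "existing.txt").write_bytes(b"old contents")
    out = {"traversal_rejected": False}
    try:
        safe_destination(root, "../../outside.txt")
    except ValueError:
        out["traversal_rejected"] = True
    out["stored"] = receive_file(root, "sub/new.txt", [b"ab", b"cd"]).read_bytes()
    def aborting():                    # simulates a client dropping mid-transfer
        yield b"partial"
        raise ConnectionError("client went away")
    try:
        receive_file(root, "existing.txt", aborting())
    except ConnectionError:
        pass
    out["existing_after_abort"] = (root / "existing.txt").read_bytes()
    out["leftover_temp"] = any(p.name.startswith(".incoming-") for p in root.iterdir())
    return out
```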

(mba)

Permalink: http://h-online.com/-733528