BigAnt Messenger Server USV Command Buffer Overflow

Added: 02/09/2010
BID: 37520
OSVDB: 61386

Background

BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more.

Problem

BigAnt server version 2.52 and earlier are vulnerable to a remote, unauthenticated buffer overflow attack. The vulnerability can be triggered by sending a specially crafted USV request.

Resolution

Upgrade to the newest version of BigAnt Server.

References

http://www.securityfocus.com/bid/37520

Limitations

Exploit works on BigAnt Server 2.5.2 on Microsoft Windows Server 2003 SP2 English with patch KB933729 applied.

Platforms

Windows

Back to exploit index