Netop Remote Control DWS File Stack Buffer Overflow

Added: 05/11/2012
BID: 47631
OSVDB: 72291

Background

NetOp Remote Control provides secure remote control and support for workstations, servers, embedded systems, and mobile devices.

Problem

NetOp Remote Control is vulnerable to stack buffer overflow as a result of failing to properly sanitize user-supplied input. A remote attacker who can persuade a user to open a specially crafted .DWS file could cause remote code execution.

Resolution

Upgrade to version 10 or higher.

References

http://packetstorm.crazydog.pt/1104-exploits/netopremotecontrol-overflow.txt

Limitations

This exploit has been tested on Netop Remote Control Guest 9.52 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

Platforms

Windows

Back to exploit index