SIDVault.Simple_Bind.Function.Buffer.Overflow
Description
A stack based buffer overflow vulnerability has been identified in the LDAP service (sidvault.exe) of the SIDVault LDAP application. The application fails to adequately bounds check user supplied input before copying it to an insufficiently sized buffer. This can be exploited to execute arbitrary code by sending a specially crafted packet to port 389/TCP of the vulnerable system.
Affected Products
Alpha Centauri Software SIDVault 2.0e (Windows)
Alpha Centauri Software SIDVault 2.0d (Linux)
Impact
Arbitrary code execution.
Recommended Actions
The vendor has released SIDVault 2.0f to address this issue. Please upgrade to it.
Alpha Centauri Software SIDVault 2.0e (Windows)
Alpha Centauri Software SIDVault 2.0d (Linux)
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |