|
|||
Release Date:03/19/2012
Attack Name:Sync Breeze Server Remote Buffer Overflow
Severity:
BUG ID:
CVE ID:
Description:
|
Sync Breeze is a flexible,fast and easy-to-use file synchronization tool that is used to classify, save and manage document.If libpal.dll of Sync Breeze server processes the login requirement incorrectly, the remote attacker can launch DoS attacks against the service.If command prefix ServerLogin of the Sync Breeze server receives a packet longer than 484 bytes, the stack overflow will be triggered,which will crash the syncbrs.exe process or lead to arbitrary code execution.
Impact:
Allow an attacker to making DoS attack or execute malicious code
Affected Systems:
Flexense Sync Breeze V2.2.30
Additional References:
http://secunia.com/advisories/41748/
Solution:
|
Currently manufacturers do not provide patches or upgrades, please pay attention to manufacturer's home page to get the latest version.