FakeBO buffer overflow 1.0
 
Plugin ID296
Plugin nameFakeBO buffer overflow
Plugin filenameFakeBO buffer overflow.plugin
Plugin filesize2111 bytes
Plugin familyBackdoors
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/04
Plugin version1.0
Plugin protocoltcp
Plugin port12345
Plugin procedure detectionopen|sleep|close|pattern_exists NetBus
Plugin detection accuracy75
Plugin commentThe NASL script is Copyright (C) 1999 Renaud Deraison
Bug advisoryhttp://www.securityfocus.com/archive/1/12437
Bug affectedFakeBO
Bug not affectedReal BackOrifice
Bug vulnerability classBuffer Overflow
Bug descriptionWe detected a possible buffer overflow in the service FakeBO. An attacker may connect to this port, then send a specially crafted buffer which will give him a shell.
Bug solutionDisable this service. It's useless anyway. At worst, upgrade.
Bug fixing timeApprox. 30 minutes
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity7
Bug simplicity8
Bug impact9
Bug risk8
Bug Nessus riskHigh
Bug check toolsNessus can check this flaw with the plugin 10066 (FakeBO buffer overflow).
Source Nessus ID10066
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.