Intrusion Prevention

AbsoluteTelnet.Title.Bar.Buffer.Overflow

Description

It indicates a possible exploit of Buffer overflow in AbsoluteTelnet.


AbsoluteTelnet is a secure access client and terminal emulator that provides support for SSH,Telnet, and other protocols for Microsoft Windows operating systems. A buffer overflow is reported in it that may allow an attacker to execute arbitrary code on the vulnerable system. This is due to application failure to bound check the bar code. By creating a malicious file and convincing a victim connected to the attackers system using AbsoluteTelnet to concatenate this file, a remote attacker could overflow the title bar buffer and cause the victims AbsoluteTelnet client to crash or execute arbitrary code on the system with elevated privileges.

Affected Products

Celestial Software AbsoluteTelnet 2.11 and earlier versions.

Impact

Fully Compromised of the affected system.

Recommended Actions

Upgrade to Celestial Software AbsoluteTelnet 2.12 or later versions.

CVE References

CVE-2003-1090