The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Tanuki Java Service Wrapper

computer vulnerability bulletin 22168

Tanuki Java Service Wrapper: buffer overflow via HostIds collection

Synthesis of the vulnerability

An attacker can generate a buffer overflow via HostIds collection in Tanuki Java Service Wrapper, in order to trigger a denial of service, and possibly to run code.
Impacted products: Java Service Wrapper.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on service.
Provenance: user account.
Creation date: 17/03/2017.
Identifiers: VIGILANCE-VUL-22168.

Description of the vulnerability

The Tanuki Java Service Wrapper product get the network configuration.

However, if the host have more than 10 network interfaces, a buffer overflow occurs when reading adresses or host names.

An attacker can therefore generate a buffer overflow via HostIds collection in Tanuki Java Service Wrapper, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Tanuki Java Service Wrapper: