Detections
Analytics

GO-Global for Windows _USERSA_ Remote Overflow

critical Nessus Plugin ID 20178

Language:

Synopsis

The remote display server is affected by a buffer overflow vulnerability.

Description

The remote host appears to be running a version of the GO-Global remote display server that fills a small buffer with user-supplied data without first checking its size. An attacker can leverage this issue to overflow the buffer, causing the server to crash and possibly even allowing for arbitrary code execution on the remote host.

Solution

Upgrade to GO-Global version 3.1.0.3281 or later.

See Also

https://seclists.org/fulldisclosure/2005/Nov/78

Plugin Details

Severity: Critical

ID: 20178

File Name: go_global_overflow.nasl

Version: 1.20

Type: remote

Agent: windows

Family: Windows

Published: 11/10/2005

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: x-cpe:/a:graphon:go-global

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 11/2/2005

Reference Information

CVE: CVE-2005-3483

BID: 15285