Sign-up

ID

VAR-200803-0466


CVE

CVE-2008-1491


TITLE

ASUS Remote Console of DPC Proxy Server stack-based buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2008-002881

DESCRIPTION

Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623. ASUS Remote Console is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. ASUS Remote Console 2.0.0.19 is vulnerable; other versions may also be affected. There is a buffer overflow vulnerability in the ARC service when processing ultra-long user requests, and remote attackers may use this vulnerability to control the server. The main component of the ARC service is a telnet server named DpcProxy that listens on port 623 and provides an IPMI interface. The function stores the received data into a stack buffer of about 1024 bytes, and then checks for the end of the line separator (carriage return). If the user submits super-long data, it can trigger a stack overflow, resulting in the execution of arbitrary instructions. ---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: ASUS Remote Console DPC Proxy Service Buffer Overflow SECUNIA ADVISORY ID: SA29402 VERIFY ADVISORY: http://secunia.com/advisories/29402/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From local network SOFTWARE: ASUS Remote Console 2.x http://secunia.com/product/18006/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in ASUS Remote Console, which can be exploited by malicious people to compromise a vulnerable system. sending an overly long string to default port 623/TCP. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.0.0.19 and reported in version 2.0.0.24. SOLUTION: Restrict network access to the service. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/asuxdpc-adv.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-1491 // JVNDB: JVNDB-2008-002881 // BID: 28394 // VULHUB: VHN-31616 // PACKETSTORM: 64853

AFFECTED PRODUCTS

vendor:asusmodel:remote consolescope:eqversion:2.0.0.24

Trust: 1.9

vendor:asusmodel:remote consolescope:eqversion:2.0.0.19

Trust: 1.9

vendor:asustek computermodel:remote consolescope:eqversion:2.0.0.19 and 2.0.0.24

Trust: 0.8

sources: BID: 28394 // JVNDB: JVNDB-2008-002881 // CNNVD: CNNVD-200803-403 // NVD: CVE-2008-1491

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-1491
value: HIGH

Trust: 1.0

NVD: CVE-2008-1491
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200803-403
value: CRITICAL

Trust: 0.6

VULHUB: VHN-31616
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-1491
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-31616
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-31616 // JVNDB: JVNDB-2008-002881 // CNNVD: CNNVD-200803-403 // NVD: CVE-2008-1491

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-31616 // JVNDB: JVNDB-2008-002881 // NVD: CVE-2008-1491

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 64853 // CNNVD: CNNVD-200803-403

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200803-403

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-002881

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-31616

PATCH
title:Top Pageurl:http://www.asus.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-002881

EXTERNAL IDS
db:NVDid:CVE-2008-1491
Trust: 2.8
db:BIDid:28394
Trust: 2.0
db:SECUNIAid:29402
Trust: 1.8
db:EXPLOIT-DBid:5694
Trust: 1.7
db:SREASONid:3771
Trust: 1.7
db:VUPENid:ADV-2008-0982
Trust: 1.7
db:JVNDBid:JVNDB-2008-002881
Trust: 0.8
db:CNNVDid:CNNVD-200803-403
Trust: 0.7
db:BUGTRAQid:20080321 BUFFER-OVERFLOW IN ASUS REMOTE CONSOLE 2.0.0.24
Trust: 0.6
db:XFid:3
Trust: 0.6
db:XFid:41358
Trust: 0.6
db:MILW0RMid:5694
Trust: 0.6
db:EXPLOIT-DBid:16425
Trust: 0.1
db:PACKETSTORMid:83016
Trust: 0.1
db:SEEBUGid:SSVID-70940
Trust: 0.1
db:VULHUBid:VHN-31616
Trust: 0.1
db:PACKETSTORMid:64853
Trust: 0.1
sources:
            
            
            VULHUB: VHN-31616 // 
            
            
            
            BID: 28394 // 
            
            
            
            JVNDB: JVNDB-2008-002881 // 
            
            
            
            PACKETSTORM: 64853 // 
            
            
            
            CNNVD: CNNVD-200803-403 // 
            
            
            
            NVD: CVE-2008-1491

REFERENCES
url:http://aluigi.altervista.org/adv/asuxdpc-adv.txt
Trust: 2.1
url:http://www.securityfocus.com/bid/28394
Trust: 1.7
url:http://secunia.com/advisories/29402
Trust: 1.7
url:http://securityreason.com/securityalert/3771
Trust: 1.7
url:http://www.securityfocus.com/archive/1/489966/100/0/threaded
Trust: 1.1
url:https://www.exploit-db.com/exploits/5694
Trust: 1.1
url:http://www.vupen.com/english/advisories/2008/0982/references
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/41358
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1491
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1491
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/41358
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/489966/100/0/threaded
Trust: 0.6
url:http://www.milw0rm.com/exploits/5694
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2008/0982/references
Trust: 0.6
url:http://www.asus.com/999/html/share/9/icon/9/index.htm#asmb3
Trust: 0.3
url:/archive/1/489966
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:https://psi.secunia.com/?page=changelog
Trust: 0.1
url:https://psi.secunia.com/
Trust: 0.1
url:http://secunia.com/product/18006/
Trust: 0.1
url:http://secunia.com/advisories/29402/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-31616 // 
            
            
            
            BID: 28394 // 
            
            
            
            JVNDB: JVNDB-2008-002881 // 
            
            
            
            PACKETSTORM: 64853 // 
            
            
            
            CNNVD: CNNVD-200803-403 // 
            
            
            
            NVD: CVE-2008-1491

CREDITS
Luigi Auriemma aluigi@pivx.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200803-403

SOURCES
db:VULHUBid:VHN-31616
db:BIDid:28394
db:JVNDBid:JVNDB-2008-002881
db:PACKETSTORMid:64853
db:CNNVDid:CNNVD-200803-403
db:NVDid:CVE-2008-1491

LAST UPDATE DATE
2025-04-10T19:59:19.739000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-31616date:2018-10-11T00:00:00
db:BIDid:28394date:2015-05-07T17:32:00
db:JVNDBid:JVNDB-2008-002881date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200803-403date:2009-04-08T00:00:00
db:NVDid:CVE-2008-1491date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-31616date:2008-03-25T00:00:00
db:BIDid:28394date:2008-03-21T00:00:00
db:JVNDBid:JVNDB-2008-002881date:2012-06-26T00:00:00
db:PACKETSTORMid:64853date:2008-03-26T00:09:25
db:CNNVDid:CNNVD-200803-403date:2008-03-25T00:00:00
db:NVDid:CVE-2008-1491date:2008-03-25T19:44:00