Vulnerability Note VU#136424

Remote Execute vulnerable to denial-of-service

Original Release date: 10 Dec 2004 | Last revised: 10 Dec 2004

Overview

Remote Execute cannot handle more than seven connections simultaneously. If more than seven connections are attempted, Remote Execute will crash, resulting in a denial-of-service condition.

Description

Remote Execute is a network administration tool for the Windows platform that allows users to run applications remotely. Remote Execute contains a vulnerability that may allow a remote attacker to cause a denial-of-service condition. The flaw exists because Remote Execute cannot handle more than seven connections simultaneously. If seven or more connections are attempted, Remote Execute will crash.

Impact

A remote attacker may be able to crash Remote Execute resulting in a denial-of-service condition.

Solution

Upgrade

This issue was addressed in Remote Execute version 2.3.0.1.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
IBEX SoftwareUnknown-10 Dec 2004
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

This vulnerability was reported by Paul Craig.

This document was written by Jeff Gennari.

Other Information

  • CVE IDs: Unknown
  • Date Public: 06 Dec 2004
  • Date First Published: 10 Dec 2004
  • Date Last Updated: 10 Dec 2004
  • Severity Metric: 1.18
  • Document Revision: 29

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.