Details of VAR-200412-1188

ID

VAR-200412-1188

CVE

CVE-2004-1793

TITLE

YaSoft Switch SendMsg Remote buffer overflow vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200412-1166

DESCRIPTION

Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm. A vulnerability has been identified in the YaSoft Switch Off software package when handling message requests. The buffer overrun condition exists in the 'swnet.dll' module of the software due to insufficient bounds checking performed by the affected component. The overflow may be caused by sending an excessively long 'message' parameter to the application. This may make it possible for a remote user to execute arbitrary code through a vulnerable server. Switch Off is an easy-to-use tray-based system tool that automates frequently used operations, such as shutting down or restarting a computer, closing a dial-up connection, and more. A remote attacker can use this vulnerability to overflow the buffer of the service program. Carefully submitting data may execute arbitrary instructions on the system with the SYSTEM process privilege. The problem exists in the action.htm script

Trust: 1.26

sources: NVD: CVE-2004-1793 // BID: 9340 // VULHUB: VHN-10223

AFFECTED PRODUCTS

vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.0	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	2.2	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.1	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	2.1	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.2	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.8	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	0.7	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	2.0	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.9	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	2.3	Trust: 1.6
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.5.1	Trust: 1.0
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.5	Trust: 1.0
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.3	Trust: 1.0
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.7	Trust: 1.0
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.4	Trust: 1.0
vendor:	yatsoft	model:	switch off	scope:	eq	version:	1.6	Trust: 1.0
vendor:	y soft	model:	switch off	scope:	eq	version:	2.3	Trust: 0.3

sources: BID: 9340 // CNNVD: CNNVD-200412-1166 // NVD: CVE-2004-1793

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1793
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200412-1166
value:	HIGH
Trust: 0.6
VULHUB:	VHN-10223
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-1793
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-10223
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-10223 // CNNVD: CNNVD-200412-1166 // NVD: CVE-2004-1793

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1793

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-1166

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 9340 // CNNVD: CNNVD-200412-1166

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-10223

EXTERNAL IDS

db:	BID	id:	9340	Trust: 2.0
db:	NVD	id:	CVE-2004-1793	Trust: 1.7
db:	SECTRACK	id:	1008581	Trust: 1.7
db:	OSVDB	id:	3309	Trust: 1.7
db:	SECUNIA	id:	10521	Trust: 1.7
db:	CNNVD	id:	CNNVD-200412-1166	Trust: 0.7
db:	BUGTRAQ	id:	20040102 SWITCH OFF MULTIPLE VULNERABILITIES	Trust: 0.6
db:	NSFOCUS	id:	5877	Trust: 0.6
db:	XF	id:	14124	Trust: 0.6
db:	SEEBUG	id:	SSVID-77270	Trust: 0.1
db:	EXPLOIT-DB	id:	23509	Trust: 0.1
db:	VULHUB	id:	VHN-10223	Trust: 0.1

sources: VULHUB: VHN-10223 // BID: 9340 // CNNVD: CNNVD-200412-1166 // NVD: CVE-2004-1793

REFERENCES

url:	http://www.securityfocus.com/bid/9340	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/348693	Trust: 1.7
url:	http://www.elitehaven.net/switchoff.txt	Trust: 1.7
url:	http://www.osvdb.org/3309	Trust: 1.7
url:	http://securitytracker.com/id?1008581	Trust: 1.7
url:	http://secunia.com/advisories/10521	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/14124	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/14124	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/5877	Trust: 0.6
url:	http://yasoft.km.ru/eng/switchoff/	Trust: 0.3
url:	/archive/1/348693	Trust: 0.3

sources: VULHUB: VHN-10223 // BID: 9340 // CNNVD: CNNVD-200412-1166 // NVD: CVE-2004-1793

CREDITS

Peter Winter-Smith※ peter4020@hotmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200412-1166

SOURCES

db:	VULHUB	id:	VHN-10223
db:	BID	id:	9340
db:	CNNVD	id:	CNNVD-200412-1166
db:	NVD	id:	CVE-2004-1793

LAST UPDATE DATE

2024-08-14T15:25:41.984000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-10223	date:	2017-07-11T00:00:00
db:	BID	id:	9340	date:	2004-01-02T00:00:00
db:	CNNVD	id:	CNNVD-200412-1166	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1793	date:	2017-07-11T01:31:21.247

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-10223	date:	2004-12-31T00:00:00
db:	BID	id:	9340	date:	2004-01-02T00:00:00
db:	CNNVD	id:	CNNVD-200412-1166	date:	2004-01-02T00:00:00
db:	NVD	id:	CVE-2004-1793	date:	2004-12-31T05:00:00