Description
Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet.
References (13)
Core 13
Core References
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2007-41/advisory/
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2007-42/advisory/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34313
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2007-43/advisory/
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1834
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24002
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1833
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018072
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1832
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24090
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24329
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/35076
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/24281
Scores
EPSS
0.2321
EPSS Percentile
96.0%
Details
Status
published
Products (3)
centennial/discovery
2006_featurepack1
numara/asset_manager
8.0
symantec/discovery
6.5
Published
May 16, 2007
Tracked Since
Feb 18, 2026