VID |
23199 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
P2P |
Detailed Description |
A version of the Trillian program older than 3.1.7.0 is installed on the host. Trillian is a peer-to-peer (P2P) file sharing program for the Microsoft Windows operating system, used to share audio, video, and other media files. Cerulean Studios Trillian Pro versions prior to 3.1.7.0 are vulnerable to a buffer overflow in the aim.dll plugin and to a file overwrite via the 'aim://' URI. A remote attacker could exploit these vulnerabilities to execute arbitrary code on the affected host with the privileges of the target user.
* Note: This check requires an account with administrative privileges that can log into the host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.
* References:
  http://www.xs-sniper.com/nmcfeters/Cross-App-Scripting-2.html
  http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0297.html
  http://www.kb.cert.org/vuls/id/786920
  http://blog.ceruleanstudios.com/?p=170
  http://www.frsirt.com/english/advisories/2007/2546
  http://secunia.com/advisories/26086
* Platforms Affected: Cerulean Studios Trillian Pro versions prior to 3.1.7.0; Microsoft Windows, any version |
Recommendation |
If P2P file sharing is not allowed at your organization, uninstall the Trillian program.
-- OR --
Upgrade to the latest version of Trillian (3.1.7.0 or later), available from the Trillian Web site at http://www.ceruleanstudios.com/ |
Related URL |
CVE-2007-3832,CVE-2007-3833 (CVE) |
Related URL |
24927 (SecurityFocus) |
Related URL |
35447,35449 (ISS) |