[Full-disclosure] [vuln.sg] ALPass Password File Import Buffer Overflow Vulnerability
TAN Chew Keong
vulnpost-remove at vuln.sg
Fri Aug 24 16:05:56 BST 2007
[vuln.sg] Vulnerability Research Advisory
ALPass Password File Import Buffer Overflow Vulnerability
by Tan Chew Keong
Release Date: 2007-08-24
Summary
-------
A vulnerability has been found in ALPass. When exploited, the
vulnerability allows execution of arbitrary code when the user imports
Site Information from a specially-crafted ALPass DB File (APW).
Tested Versions
---------------
ESTsoft ALPass version 2.7 (English) (ALPass.exe file version 2.70.24.6112)
Details
-------
http://vuln.sg/alpass27-en.html
http://vuln.sg/alpass27-jp.html
Full-Disclosure is hosted and sponsored by Secunia.