CVE-2008-1491

Published: Mar 25, 2008Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.

Affected (2)

Products: Asus: Remote Console

Asus

1 product

Remote Console

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Asus Remote Console	Version 2.0.0.19
Asus Remote Console	Version 2.0.0.24

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (16)

http://aluigi.altervista.org/adv/asuxdpc-adv.txt

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/29402

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/3771

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/489966/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/28394

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/0982/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41358

Source: cve@mitre.org

https://www.exploit-db.com/exploits/5694

Source: cve@mitre.org

http://aluigi.altervista.org/adv/asuxdpc-adv.txt