CVE-2007-4221

Name of the Vulnerable Software and Affected Versions Motorola Timbuktu Pro versions prior to 8.6.5

Description The issue is related to multiple buffer overflows that can be triggered by a long user name, certain malformed requests, or a malformed HELLO response from remote Timbuktu servers. This can cause a denial of service (daemon crash) or possibly allow the execution of arbitrary code. The Scanner component is affected, and the issue may also be related to a malformed computer name.

Recommendations For versions prior to 8.6.5, update to version 8.6.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the Scanner component to minimize the risk of exploitation. Avoid using long user names or sending malformed requests to the affected API endpoints until the issue is resolved.