14 DAY TRIAL // The software utilized by governments and organizations to perform automatic translations from Chinese, Japanese and Korean into English and other languages reveals itself to be highly vulnerable.
According to Threat Post, an independent security researcher, Dillon Beresford, discovered a stack overflow vulnerability in the application which could allow an attacker to execute a piece of arbitrary code.
Unfortunately, some top companies and agencies such as Siemens, Google and even the FBI rely on the software to perform translations, all of them now being exposed to a hacking operation.
The weakness seems to affect NJStar Chinese Word Processor Version 5.30, Japanese Word Processor Version 5.3 and Communicator Version 3, each of them containing the miniSMTP component that turns out to have some holes.
The first analysis shows that the applications are exposed to an attack only if a user sends an email through the word processor of JStar Communicator.
“No response as of 10/31/11 from AUSCERT or the software vendor. CNCERT and USCERT responded on 10/30/11 and 10/31/11, CNCERT said in an email they needed to see if the vulnerability is remotely exploitable and needed more verification,” said Beresford.
“I sent a proof of concept exploit in python with remote code execution. So, here is the proof that the bug is, in fact, remotely exploitable. WIN!”
When referring to applications that are utilized by major organizations, even the simplest flaw can have a disastrous outcome. Hopefully NJStar will deal with the issue as soon as possible to make sure no one will suffer.
This is not the first time when Dillon Beresford finds interesting things. Back in August he demonstrated that attacks against popular Siemens PLCs were possible. Also, in April, when he was still employed by NSS Labs, he found some security holes in sensitive Chinese government systems which could have allowed an unauthenticated user to create email accounts.