Family: Gain a shell remotely --> Category: denial
Sentinel License Manager Remote Buffer Overflow Vulnerability Scan
Vulnerability Scan Summary: Detects a remote buffer overflow vulnerability in Sentinel License Manager
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote service is subject to a buffer overflow attack.
Description :
The remote host is running a version of Sentinel License Manager that
is subject to remote buffer overflows. By sending 3000 bytes or more
to the UDP port on which it listens (5093 by default), a remote
attacker can crash the LServnt.exe service, overwrite the EIP
register, and possibly execute arbitrary code.
See also :
http://www.cirt.dk/advisories/cirt-30-advisory.pdf
http://archives.neohapsis.com/archives/bugtraq/2005-03/0109.html
http://www.kb.cert.org/vuls/id/108790
Solution :
Upgrade to Sentinel License Manager 8.0.0 or greater as that
reportedly addresses the issue.
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)