Here's the page we think you wanted. See search results instead:

Chat Live

Welcome

You are signed as:

My Profile
Logout

Please Confirm

Confirm your country to access relevant pricing, special offers, events, and contact information.

What are you looking for?

I'm looking for support Pro Oscilloscopes Handheld Spectrum Analyzers Compact Signal Generators Find a solution Get technical support Take a class Find us at events Premium used equipment KeysightCare Buy online

No product matches found - System Exception

LANDesk_Management_Suite_Alert_Service_Stack_Overflow_Vulnerability_attack

Strike ID:

G07-4ai01

CVSS:

10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

False Positive:

Variants:

Year:

2007

Description

There exists a stack buffer overflow vulnerability in LANDesk Management Suite. The vulnerability is due to a boundary error when processing specially crafted user data received by the Alert Service via port 65535/UDP. A remote unauthenticated attacker can leverage this vulnerability to inject and execute arbitrary code on the target host with System level privileges. In an attack case where code injection is not successful the affected application will terminate abnormally. In a more sophisticated attack, where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the service process, which is System . ---

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1674

References

http://securitytracker.com/id?1017912

LANDesk_Management_Suite_Alert_Service_Stack_Overflow_Vulnerability_attack

Description

CVE

References

Bid