BugTraq
Secunia Research: Reprise License Manager "actserver" Buffer Overflow Vulnerability Jul 25 2016 04:27PM
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 25/07/2016

Reprise License Manager "actserver" Buffer Overflow Vulnerability

======================================================================

Table of Contents

Affected Software....................................................1
Severity.............................................................2
Description of Vulnerabilities.......................................3
Solution.............................................................4
Time Table...........................................................5
Credits..............................................................6
References...........................................................7
About Secunia........................................................8
Verification.........................................................9

======================================================================

1) Affected Software

* Reprise License Manager version 12.0BL2. Other versions may also be
affected.

======================================================================

2) Severity

Rating: Moderately critical

Impact: System compromise

Where: From local network

======================================================================

3) Description of Vulnerabilities

Secunia Research has discovered a vulnerability in Reprise License
Manager (RLM), which can be exploited by malicious people to
compromise a vulnerable system.

The vulnerability is caused by a boundary error when handling the
"actserver" POST parameter submitted to /goform/activate_doit: the
length of the supplied value is not checked against the destination
buffer, so a specially crafted HTTP request to the RLM web interface
can cause a stack-based buffer overflow.

Successful exploitation of the vulnerability may allow execution of
arbitrary code in the context of the RLM process.
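The boundary error above, shown as an added example that is not Reprise's code: a hypothetical form handler of the kind registered under a /goform/ path, written first in the vulnerable shape the advisory describes and then in a hardened form that checks the parameter length against the stack buffer before copying. The buffer size, the handler and helper names, and the constructed request bodies (including the other form fields) are assumptions for the illustration; nothing here is taken from the RLM source.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Size of the stack buffer the handler copies "actserver" into. Assumed for
 * the example; the advisory does not state RLM's actual buffer size. */
#define ACTSERVER_MAX 64

/* Locate `name` in an application/x-www-form-urlencoded body. Returns a
 * pointer to the value and stores its length in *len, or NULL if absent.
 * Percent-decoding is omitted to keep the example short. */
static const char *form_param(const char *body, const char *name, size_t *len)
{
    size_t nlen = strlen(name);
    const char *p = body;

    while (p != NULL && *p != '\0') {
        const char *end = strchr(p, '&');
        size_t plen = end ? (size_t)(end - p) : strlen(p);

        if (plen > nlen && strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            *len = plen - nlen - 1;
            return p + nlen + 1;
        }
        p = end ? end + 1 : NULL;
    }
    return NULL;
}

/* Vulnerable pattern: the copy length comes straight from the request. A value
 * of ACTSERVER_MAX bytes or more runs past the end of `actserver` and overwrites
 * whatever follows it on the stack (saved registers, return address), which is
 * the bug class the advisory describes. Returns the accepted length, or -1 if
 * the parameter is missing. Only call this with short values. */
int activate_doit_vulnerable(const char *body)
{
    char actserver[ACTSERVER_MAX];
    size_t len;
    const char *v = form_param(body, "actserver", &len);

    if (v == NULL)
        return -1;
    memcpy(actserver, v, len);      /* len is never checked against the buffer */
    actserver[len] = '\0';
    return (int)strlen(actserver);
}

/* Hardened version: validate the length before the copy and reject over-long
 * input outright (an HTTP 400 in a real handler). Rejecting beats silent
 * truncation, which would quietly change which activation server is used.
 * Returns the accepted length, -1 if missing, -2 if too long. */
int activate_doit_hardened(const char *body)
{
    char actserver[ACTSERVER_MAX];
    size_t len;
    const char *v = form_param(body, "actserver", &len);

    if (v == NULL)
        return -1;
    if (len >= sizeof actserver)
        return -2;
    memcpy(actserver, v, len);
    actserver[len] = '\0';
    return (int)strlen(actserver);
}

/* Build a constructed request body (the other field names are made up) whose
 * actserver value is n bytes of 'A'. Returns 0, or -1 if `out` is too small. */
int build_body(char *out, size_t outsz, size_t n)
{
    static const char prefix[] = "isv=demo&actserver=";
    static const char suffix[] = "&action=activate";

    if (sizeof prefix - 1 + n + sizeof suffix > outsz)
        return -1;
    memcpy(out, prefix, sizeof prefix - 1);
    memset(out + sizeof prefix - 1, 'A', n);
    memcpy(out + sizeof prefix - 1 + n, suffix, sizeof suffix); /* copies the NUL */
    return 0;
}

/* Run the hardened handler against a body with an n-byte actserver value.
 * Returns the handler's result, or -3 if the body could not be built. */
int probe_hardened(size_t n)
{
    char body[512];

    if (build_body(body, sizeof body, n) != 0)
        return -3;
    return activate_doit_hardened(body);
}

int main(void)
{
    size_t lens[] = { 20, ACTSERVER_MAX - 1, ACTSERVER_MAX, 200 };
    size_t i;

    for (i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("actserver length %3zu -> hardened handler returns %d\n",
               lens[i], probe_hardened(lens[i]));
    return 0;
}
```

The hardened handler fails closed on the length check rather than truncating, because an activation server name silently cut short would still be acted upon. The single line that matters is the comparison of the request-supplied length against `sizeof actserver` before any byte is copied; everything else is scaffolding so the two handlers can be exercised with constructed bodies of increasing length.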

======================================================================

4) Solution

Update to version 12.1BL2 if available for the supported platforms.
Until the update is applied, restrict network access to the RLM web
interface to trusted hosts, since the vulnerable handler is reached
over HTTP from the local network.

======================================================================

5) Time Table

01/06/2016 - Initial contact with vendor.
01/06/2016 - Vendor responds with service ticket ID.
02/06/2016 - Details transferred.
02/06/2016 - Vendor confirms receipt and informs that the issues
will be fixed in version 12.1.
28/06/2016 - Release of vendor patch.
30/06/2016 - Release of Secunia Advisory SA67000, which covers the
one reported vulnerability confirmed as fixed.
25/07/2016 - Public disclosure of Research Advisory.

======================================================================

6) Credits

Discovered by Behzad Najjarpour Jabbari, Secunia Research at Flexera
Software.

======================================================================

7) References

Currently no CVE identifier is assigned.

======================================================================

8) About Secunia (now part of Flexera Software)

In September 2015, Secunia was acquired by Flexera Software:
https://secunia.com/blog/435/

Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:
http://secunia.com/products/

Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals who are interested in or concerned about IT security:
http://secunia.com/advisories/

Secunia believes that it is important to support the community and to
do active vulnerability research in order to help improve the
security and reliability of software in general:
http://secunia.com/secunia_research/

Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:
http://secunia.com/company/jobs/

======================================================================

9) Verification

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2016-7/

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/

======================================================================
