Wibu-Systems CodeMeter remote denial of service vulnerability

2012-01-12T00:00:00
ID VU:659515
Type cert
Reporter CERT
Modified 2012-01-16T14:43:00

Description

Overview

Wibu-Systems CodeMeter contains a remote denial of service vulnerability when receiving specially crafted packets.

Description

Wibu-Systems CodeMeter v4.30c and v4.10b contain a remote denial of service vulnerability when receiving specially crafted packets. Wibu-Systems CodeMeter listens on TCP/22350 for incoming connections. An attacker can send a specially crafted packet causing CodeMeter.exe to crash.


Impact

A remote, unauthenticated attacker could cause the Wibu-Systems CodeMeter application to crash creating a denial-of-service condition.


Solution

Apply an Update

This vulnerability has been addressed in Wibu-Systems CodeMeter Software v4.40.


Restrict access

Restrict access to the Wibu-Systems CodeMeter network interface to trusted users and networks.


Vendor Information

659515

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

AccessData Affected

Updated: January 16, 2012

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Guidance Software, Inc. Affected

Updated: January 16, 2012

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Wibu-Systems __ Affected

Notified: October 25, 2011 Updated: January 03, 2012

Status

Affected

Vendor Statement

This vulnerability has been addressed in Wibu-Systems CodeMeter Software v4.40.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

  • <http://www.wibu.com/en/anwendersoftware.html>

CVSS Metrics

Group | Score | Vector
---|---|---
Base | |
Temporal | |
Environmental | |

References

  • <http://www.wibu.com/en/anwendersoftware.html>
  • <http://jvn.jp/en/jp/JVN78901873/index.html>

Acknowledgements

Thanks to Kuang-Chun Hung of Information and Communication Security Technology Center for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs: | CVE-2011-4057
---|---
Severity Metric: | 0.14
Date Public: | 2012-01-12
Date First Published: | 2012-01-12
Date Last Updated: | 2012-01-16 14:43 UTC
Document Revision: | 27