LANDesk Management Suite Alert Service buffer overflow

2007-04-23T00:00:00
ID SAINT:30DCBC896731FBD4CF542016E45DF1E6
Type saint
Reporter SAINT Corporation
Modified 2007-04-23T00:00:00

Description

Added: 04/23/2007
CVE: CVE-2007-1674
BID: 23483
OSVDB: 34964

Background

LANDesk Management Suite automates systems and security management tasks across a network. It runs an Alert Service which listens for communication on port 65535/UDP.

Problem

A buffer overflow vulnerability in the Alert Service allows remote attackers to execute arbitrary commands.

Resolution

Apply the hotfix.

References

<http://www.tippingpoint.com/security/advisories/TSRT-07-04.html>

Limitations

Exploit works on LANDesk Management Suite 8.7.

Platforms

Windows