Lucene search

SAINT CorporationSAINT:F168A3089838198F30F8EFEB69B427F9

HistoryMar 03, 2009 - 12:00 a.m.

Fujitsu SystemcastWizard Lite PXE service buffer overflow

2009-03-0300:00:00

SAINT Corporation

my.saintcorporation.com

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.288 Low

EPSS

Percentile

96.9%

JSON

Added: 03/03/2009
CVE: CVE-2009-0270
BID: 33342
OSVDB: 51486

Background

SystemcastWizard Lite is support software for the setup of Primequest systems.

Problem

A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted datagram to the PXE service.

Resolution

Apply the patch referenced on the precautions page for Windows Server 2008 or Windows Server 2003.

References

<http://www.securityfocus.com/archive/1/500172>

Limitations

Exploit works on Fujitsu SystemcastWizard Lite 1.9.

Platforms

Windows

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.288 Low

EPSS

Percentile

96.9%

JSON

Related for SAINT:F168A3089838198F30F8EFEB69B427F9