4 matches found
CVE-2023-41727
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...
Ivanti Avalanche < 6.4.2 Multiple Vulnerabilities
The version of Ivanti Avalanche running on the remote host is prior to 6.4.2. It is, therefore, is affected by multiple vulnerabilities : - An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or...
CVE-2023-41727
CVE-2023-41727 describes a memory corruption vulnerability in Ivanti Avalanche’s Mobile Device Server component, exploitable by specially crafted packets to cause DoS or remote code execution. Public docs tie this to Ivanti Avalanche prior to version 6.4.2 (noting a 9.8/critical impact per CVSS i...
Avalanche 6.4.2 Security Hardening and CVEs addressed
Avalanche 6.4.2 has addressed some new security hardening in our 2023 Quarter 4 release. To address the security vulnerabilities listed below, it is highly recommended to download the Avalanche installer and udpate to the latest Avalanche 6.4.2. The installation will apply a fix for each CVE list...