SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Lumension Device Control Vendors:   Lumension Security, Inc.
Lumension Device Control Memory Corruption Error Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1025561
SecurityTracker URL:  http://securitytracker.com/id/1025561
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Updated:  Aug 26 2011
Original Entry Date:  May 24 2011
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4.4 SR6 and prior versions
Description:   A vulnerability was reported in Lumension Device Control. A remote user can execute arbitrary code on the target system.

A remote user can send specially crafted data to TCP port 65129 to trigger a memory corruption error in the 'sxs.exe' service and execute arbitrary code on the target Lumension Application Server.

Andy Davis of NGS Secure reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fix (4.4 SR7), available at:

https://portal.lumension.com/

Vendor URL:  www.lumension.com/ (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (2003), Windows (2008)

Message History:   None.


 Source Message Contents

Subject:  NGS00054 Patch Notification: Lumension Device Control (formerly Sanctuary) remote memory corruption

Lumension Device Control (formerly Sanctuary) remote memory corruption

24/05/2011

Andy Davis of NGS Secure has discovered a high risk vulnerability in Lumension Device Control. Sending a specially crafted packet to a TCP service running on the Lumension Application Server results in a memory corruption vulnerability being triggered and potentially arbitrary code execution. 

Versions affected include:
Lumension Device Control v4.4 SR6 and earlier releases.

This issue is addressed in SR7, which can be downloaded by registered customers at:
https://portal.lumension.com/

NGS Secure is going to withhold details of this flaw for three months. This three month window will allow users the time needed to apply the patch before the details are released to the general public. This reflects the NGS Secure approach to responsible disclosure.

NGS Secure Research
http://www.ngssecure.com
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC