This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host.
The version of the Wyse Thin Client HAgent service installed on the
remote host is at risk of a remote buffer overflow attack.
An unauthenticated attacker can exploit this flaw by sending a
specially crafted packet to the remote host. Successful exploitation
would result in remote code execution with the privileges of the
See also :
Upgrade to the latest version of Wyse Device Manager (4.7.2) and
apply the two security updates (HF 04072019009 and HF04072019709).
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 40862 ()
Bugtraq ID: 35650