LANDesk Management Suite Alert Service (aolnsrvr.exe) Remote Overflow

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by a
buffer overflow vulnerability.

Description :

LANDesk Management Suite, used to automate system and security
management tasks, is installed on the remote host.

The version of LANDesk Management Suite includes an instance of Intel
Pro Alerting Proxy, which contains a stack-based buffer overflow
vulnerability. An attacker may be able to leverage this issue by
connecting to it over UDP port 65535 and sending sufficient data to
overflow a 268 byte stack-based buffer to execute arbitrary code with
LOCAL SYSTEM privileges.

See also :

http://www.tippingpoint.com/security/advisories/TSRT-07-04.html
http://seclists.org/bugtraq/2007/Apr/211

Solution :

Apply the latest Service Pack followed by hotfix INST-11050687.2.zip
or remove the Intel Pro Alerting Proxy software.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 25085 (landesk_aolnsrvr_overflow.nasl)

Bugtraq ID: 23483

CVE ID: CVE-2007-1674

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now