eScan < 9.0.718.1 MicroWorld Agent service (MWAGENT.EXE) Command Decryption Overflow

This script is Copyright (C) 2007-2011 Tenable Network Security, Inc.


Synopsis :

The remote service is affected by a buffer overflow vulnerability.

Description :

According to its version number, the installation of eScan on the
remote host includes a service, the MicroWorld Agent service, for
remote administration that fails to properly handle overly-long
commands. A remote attacker can leverage this issue to crash the
service or even execute arbitrary code.

Since the service operates with LocalSystem privileges, successful
exploitation could lead to a complete compromise of the affected host.

See also :

http://secunia.com/secunia_research/2007-54/advisory/

Solution :

Upgrade to eScan version 9.0.718.1 or later as that reportedly
resolves the issue.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 25296 (escan_9_0_718_1.nasl)

Bugtraq ID: 24112

CVE ID: CVE-2007-2687

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now