DriveLock DriveLock.exe HTTP Request Processing Remote Overflow

This script is Copyright (C) 2007-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has a program that is susceptible to a buffer
overflow attack.

Description :

DriveLock, an application for controlling access to computer devices,
is installed on the remote host.

According to its version, the DriveLock Agent component on the remote
host, which acts as a web server, fails to properly handle long HTTP
requests. An unauthenticated, remote attacker may be able to leverage
this issue to execute arbitrary code on the affected host with SYSTEM
privileges.

Solution :

Upgrade to DriveLock version 5.0.0.314 / 4.1.1.277 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 26915 (drivelock_http_overflow.nasl)

Bugtraq ID: 25902

CVE ID: CVE-2007-5209
