Wyse Device Manager Buffer Overflow

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by a
buffer overflow vulnerability.

Description :

Wyse Device Manager is installed on the remote system. The installed
version is affected by a buffer overflow vulnerability. By sending a
specially crafted request to the server, it may be possible for an
unauthorized attacker to crash the server or execute arbitrary
commands on the remote system with system level privileges.

See also :

http://www.theregister.co.uk/2009/07/10/wyse_remote_exploit_bugs/
http://www.nessus.org/u?27941b3b

Solution :

Apply vendor-supplied patches.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 40333 ()

Bugtraq ID: 35649
54028

CVE ID: CVE-2009-0693
CVE-2009-0695

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now