IS Decisions RemoteExec '.rec' Remote Buffer Overflow

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.


Synopsis :

The remote host is running a computer-management application that is
affected by a buffer overflow vulnerability.

Description :

The remote host is running IS Decisions RemoteExec, a computer-
management application.

The installed version is earlier than 4.0.5. Such versions are
potentially affected by a buffer overflow vulnerability when
processing specially crafted '.rec' files.

An attacker, exploiting this flaw, could potentially execute arbitrary
code subject to the privileges of the user running the affected
application.

See also :

http://www.nessus.org/u?ab1d3b77
http://www.isdecisions.com/en/software/remoteexec/history.cfm

Solution :

Upgrade to IS Decisions RemoteExec 4.0.5 or later.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.6
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 45087 (isdecisions_remoteexec_4_0_5.nasl)

Bugtraq ID: 38763

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now