LANDesk Management Suite Alert Service (aolnsrvr.exe) Remote Overflow
Critical Nessus Plugin ID 25085
SynopsisThe remote Windows host has an application that is affected by a buffer overflow vulnerability.
DescriptionLANDesk Management Suite, used to automate system and security management tasks, is installed on the remote host.
The version of LANDesk Management Suite includes an instance of Intel Pro Alerting Proxy, which contains a stack-based buffer overflow vulnerability. An attacker may be able to leverage this issue by connecting to it over UDP port 65535 and sending sufficient data to overflow a 268 byte stack-based buffer to execute arbitrary code with LOCAL SYSTEM privileges.
SolutionApply the latest Service Pack followed by hotfix INST-11050687.2.zip or remove the Intel Pro Alerting Proxy software.