DriveLock DriveLock.exe HTTP Request Processing Remote Overflow
High Nessus Plugin ID 26915
SynopsisThe remote Windows host has a program that is susceptible to a buffer overflow attack.
DescriptionDriveLock, an application for controlling access to computer devices, is installed on the remote host.
According to its version, the DriveLock Agent component, which acts as a web server, on the remote host fails to properly handle long HTTP requests. An unauthenticated, remote attacker may be able to leverage this issue to execute arbitrary code on the affected host with SYSTEM privileges.
SolutionUpgrade to DriveLock version 18.104.22.1684 / 22.214.171.1247 or later.