eEye Retina Wireless Scanner .rws Handling Buffer Overflow

Nessus Plugin ID 39809 (Severity: High)


The network scanner installed on the remote Windows host has a buffer overflow vulnerability.


The version of Retina Wireless Scanner installed on the remote host has a local buffer overflow vulnerability. A remote attacker could exploit this issue by tricking a user into opening a malformed .rws file. This could cause the program to crash or possibly result in the execution of arbitrary code.

Note that while Retina Wireless Scanner comes included with Retina Network Security Scanner, it can also be installed as a standalone application.


Upgrade to either Retina Network Security Scanner 5.10.15 or later, or Retina WiFi Scanner (standalone) 1.0.9 or later.

Plugin Details

Severity: High

ID: 39809

File Name: retina_wifi_rws_overflow.nasl

Version: $Revision: 1.12 $

Type: local

Agent: windows

Family: Windows

Published: 2009/07/16

Modified: 2016/05/19

Dependencies: 39807, 39808

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-3859

BID: 35624

EDB-ID: 9114

OSVDB: 55744

Secunia: 35786

CWE: 119