Unisys Business Information Server Stack Overflow

Critical Nessus Plugin ID 42844


The remote Windows host contains an application that is affected by a stack overflow vulnerability.


Unisys Business Information Server is installed on the remote system.

The installed version is affected by a stack overflow vulnerability.
By sending a specially crafted request to the remote service, an attacker may be able to overflow the stack, and potentially execute arbitrary code with system level privileges.


Apply vendor-supplied patches.

See Also




Plugin Details

Severity: Critical

ID: 42844

File Name: unisys_bis_stack_overflow.nasl

Version: $Revision: 1.10 $

Type: local

Agent: windows

Family: Windows

Published: 2009/11/18

Modified: 2016/11/03

Dependencies: 13855, 42843

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:unisys:business_information_server

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/06/25

Vulnerability Publication Date: 2009/06/25

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-1628

BID: 35494

OSVDB: 55435

Secunia: 35572

CWE: 119