
Secunia Research: Reprise License Manager "actserver" Buffer Overflow Vulnerability



======================================================================



                    Secunia Research 25/07/2016



  Reprise License Manager "actserver" Buffer Overflow Vulnerability



======================================================================

Table of Contents



Affected Software....................................................1

Severity.............................................................2

Description of Vulnerabilities.......................................3

Solution.............................................................4

Time Table...........................................................5

Credits..............................................................6

References...........................................................7

About Secunia........................................................8

Verification.........................................................9



======================================================================

1) Affected Software



* Reprise License Manager version 12.0BL2. Other versions may also be

  affected.



======================================================================

2) Severity



Rating: Moderately critical

Impact: System compromise

Where:  From local network



======================================================================

3) Description of Vulnerabilities



Secunia Research has discovered a vulnerability in Reprise

License Manager (RLM), which can be exploited by malicious people to

compromise a vulnerable system.



The vulnerability is caused by a boundary error when handling the

"actserver" POST parameter related to /goform/activate_doit, which

can be exploited to cause a stack-based buffer overflow via a

specially crafted HTTP request.



Successful exploitation of the vulnerability may allow execution of

arbitrary code.
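The bug class described above (a form parameter copied into a fixed-size stack buffer with no length check) is shown below as an added, illustrative C example. It is not RLM's code and nothing in it is taken from the product: the buffer size ACTSERVER_MAX, the helper names, and the sample POST bodies are all constructed for this illustration. The "naive" function only reports whether an unchecked copy would overflow, so the example is safe to run; the hardened handler shows the check a fixed version needs before copying.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed buffer size for the parameter, chosen for illustration;
   the real size in RLM is not stated in the advisory. */
#define ACTSERVER_MAX 64

/* Locate the raw (undecoded) value of one key in an
   application/x-www-form-urlencoded body such as "a=1&actserver=host&b=2".
   Returns a pointer into body and sets *value_len, or NULL if absent. */
static const char *form_find(const char *body, const char *key, size_t *value_len)
{
    size_t klen = strlen(key);
    const char *p = body;
    while (p && *p) {
        const char *amp = strchr(p, '&');
        size_t pair_len = amp ? (size_t)(amp - p) : strlen(p);
        if (pair_len > klen && strncmp(p, key, klen) == 0 && p[klen] == '=') {
            *value_len = pair_len - klen - 1;
            return p + klen + 1;
        }
        p = amp ? amp + 1 : NULL;
    }
    return NULL;
}

/* Vulnerable pattern (illustrative): a handler written as
       char dest[ACTSERVER_MAX]; memcpy(dest, v, vlen); dest[vlen] = '\0';
   trusts the attacker-controlled length. This function returns 1 when that
   unchecked copy would write past the buffer; it performs no copy itself. */
int actserver_naive_would_overflow(const char *body)
{
    size_t vlen;
    const char *v = form_find(body, "actserver", &vlen);
    if (!v)
        return 0;
    return vlen >= ACTSERVER_MAX;
}

/* Hardened handler: validate the length against the destination size before
   copying. Returns 0 and fills dest (NUL-terminated) on success, -1 when the
   parameter is missing or does not fit (leaving room for the terminator). */
int actserver_handle(const char *body, char *dest, size_t dest_size)
{
    size_t vlen;
    const char *v = form_find(body, "actserver", &vlen);
    if (!v || vlen >= dest_size)
        return -1;
    memcpy(dest, v, vlen);
    dest[vlen] = '\0';
    return 0;
}

/* Constructed sample request body of ordinary size. */
static const char SAMPLE_OK[] = "isv=demo&actserver=license.example.test&port=5053";

/* The normal request is accepted by the hardened handler and the value copied. */
int demo_normal_accepted(void)
{
    char dest[ACTSERVER_MAX];
    if (actserver_handle(SAMPLE_OK, dest, sizeof dest) != 0)
        return 0;
    return strcmp(dest, "license.example.test") == 0;
}

/* A constructed oversized value (twice the buffer) would overflow the naive
   handler and is rejected by the hardened one. */
int demo_oversized_rejected(void)
{
    char body[ACTSERVER_MAX * 4];
    char dest[ACTSERVER_MAX];
    size_t n = strlen("actserver=");
    memcpy(body, "actserver=", n);
    memset(body + n, 'A', ACTSERVER_MAX * 2);
    body[n + ACTSERVER_MAX * 2] = '\0';
    return actserver_naive_would_overflow(body) == 1
        && actserver_handle(body, dest, sizeof dest) == -1;
}

int main(void)
{
    printf("normal request accepted:    %s\n", demo_normal_accepted() ? "yes" : "no");
    printf("oversized request rejected: %s\n", demo_oversized_rejected() ? "yes" : "no");
    return 0;
}
```

The point of the hardened form is that the bound comes from the destination (`dest_size`), never from the request; any parser that copies form values into fixed storage needs the same check, and rejecting the request outright is preferable to silently truncating a value such as a server address.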



======================================================================

4) Solution



Update to version 12.1BL2 if available for the supported platforms.



======================================================================

5) Time Table



01/06/2016 - Initial contact with vendor.

01/06/2016 - Vendor responds with service ticket ID.

02/06/2016 - Details transferred.

02/06/2016 - Vendor confirms reception and informs that the issues

             will be fixed in version 12.1.

28/06/2016 - Release of vendor patch.

30/06/2016 - Release of Secunia Advisory SA67000, which includes

             one of the vulnerabilities that is confirmed fixed.

25/07/2016 - Public disclosure of Research Advisory.



======================================================================

6) Credits



Discovered by Behzad Najjarpour Jabbari, Secunia Research at Flexera

Software.



======================================================================

7) References



Currently no CVE identifier is assigned.



======================================================================

8) About Secunia (now part of Flexera Software)



In September 2015, Secunia was acquired by Flexera Software:



https://secunia.com/blog/435/



Secunia offers vulnerability management solutions to corporate

customers with verified and reliable vulnerability intelligence

relevant to their specific system configuration:



http://secunia.com/products/



Secunia also provides a publicly accessible and comprehensive advisory

database as a service to the security community and private

individuals who are interested in or concerned about IT security.



http://secunia.com/advisories/



Secunia believes that it is important to support the community and to

do active vulnerability research in order to help improve the

security and reliability of software in general:



http://secunia.com/secunia_research/



Secunia regularly hires new skilled team members. Check the URL below

to see currently vacant positions:



http://secunia.com/company/jobs/



======================================================================

9) Verification



Please verify this advisory by visiting the Secunia website:

http://secunia.com/secunia_research/2016-7/



Complete list of vulnerability reports published by Secunia Research:

http://secunia.com/secunia_research/



======================================================================