Bugtraq mailing list archives
[SAFER-981204.DOS.1.3] Buffer Overflow in Platinum PCM 7.0
From: security () SIAMRELAY COM (Security Research Team)
Date: Thu, 3 Dec 1998 19:56:04 -0500
__________________________________________________________ S.A.F.E.R. Security Bulletin 981204.DOS.1.3 __________________________________________________________ TITLE: Buffer Overflow in Platinum PCM 7.0 DATE: December 04, 1998 NATURE: Denial-of-Service, Remote Code Execution PLATFORMS: Windows NT 4.0 DETAILS: Policy Compliance Manager is a product that performs checks on the system, in order to ensure that security policies are enforced. It acts very much as a security scanner, but with a limited number of security checks. PCM Agent can be installed on different machines. Then, users can establish connection and initiate checks using the PCM Client. PROBLEM: If certain amount of data is sent to port where Smaxagent.exe (Agent) is listening [1827], Smaxagent will crash. Restart of the service is needed. Remote users can also execute arbitrary code. FIXES: Platinum has been informed about this issue (and confirmed the problem) on September 9th 1998. ___________________________________________________________ S.A.F.E.R. - Security Alert For Entreprise Resources Copyright (c) 1998 Siam Relay Ltd. http://safer.siamrelay.com ---- security () siamrelay com ___________________________________________________________
Current thread:
- [SAFER-981204.DOS.1.3] Buffer Overflow in Platinum PCM 7.0 Security Research Team (Dec 03)
- Breaking into houses to steal the security systems... Was: Dr. Mudge (Dec 03)
- <Possible follow-ups>
- Re: [SAFER-981204.DOS.1.3] Buffer Overflow in Platinum PCM 7.0 robert.flannigan () PLATINUM COM (Dec 07)
- Call For Papers Marco de Vivo [UCV] (Dec 07)
- Lousy password handling in BreezeCOM Mr. SteelFire (Dec 10)
- Re: Lousy password handling in BreezeCOM Thilo Hille (Dec 10)
- NSA paper on computer security Kragen (Dec 11)
- about the ip header id Salvatore Sanfilippo (Dec 14)
- Learning security Kevin M. Myer (Dec 14)
- Administrivia Aleph One (Dec 10)
- RealSystem passwords Guy Cohen (Dec 10)
(Thread continues...)