Re: ISS Security Advisory: Multiple Buffer Overflow Vulnerabilities in Raytheon SilentRunner

["Jack Hayes" <jackhayes () cablespeed com>]

Just FYI ...

The buffer overflow conditions in the application layer protocol parsing
rountines described in the ISS advisory also exist in version 1.6.1 of
Silent Runner.  Myself and a colleague reported these vulnerabilities to
Raytheon in March of this year.  We did not take a look at the knowledge
browser so I'm not sure if this overflow exists in1.6.1 or not.
Unfortunately, I know longer have access to the software to find out.

-Jack