Lucene search

SAINT CorporationSAINT:957E5C0011FA5C83C7E7ED2FD8249B7A

HistoryMar 03, 2009 - 12:00 a.m.

Fujitsu SystemcastWizard Lite PXE service buffer overflow

2009-03-0300:00:00

SAINT Corporation

download.saintcorporation.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.288

Percentile

96.9%

JSON

Added: 03/03/2009
CVE: CVE-2009-0270
BID: 33342
OSVDB: 51486

Background

SystemcastWizard Lite is support software for the setup of Primequest systems.

Problem

A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted datagram to the PXE service.

Resolution

Apply the patch referenced on the precautions page for Windows Server 2008 or Windows Server 2003.

References

<http://www.securityfocus.com/archive/1/500172>

Limitations

Exploit works on Fujitsu SystemcastWizard Lite 1.9.

Platforms

Windows

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.288

Percentile

96.9%

JSON

Related for SAINT:957E5C0011FA5C83C7E7ED2FD8249B7A