[SAFER-981204.DOS.1.3] Buffer Overflow in Platinum PCM 7.0

securitySIAMRELAY.COM

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: RSI Advise: "RSI.0012.12-03-98.SOLARIS.MKCOOKIE"
• Previous message: Adam Shiffman: "Re: Remote Tools w/Exceed v.6.0.1.0 fer 95"
• Next in thread: Dr. Mudge: "Breaking into houses to steal the security systems... Was:"

__________________________________________________________

      S.A.F.E.R. Security Bulletin 981204.DOS.1.3
__________________________________________________________


TITLE     : Buffer Overflow in Platinum PCM 7.0
DATE      : December 04, 1998
NATURE    : Denial-of-Service, Remote Code Execution
PLATFORMS : Windows NT 4.0

DETAILS:

Policy Compliance Manager is a product that performs checks on the system,
in order to ensure that security policies are enforced. It acts very much
as a security scanner, but with a limited number of security checks.

PCM Agent can be installed on different machines. Then, users can establish
connection and initiate checks using the PCM Client.

PROBLEM:

If certain amount of data is sent to port where Smaxagent.exe (Agent) is
listening [1827], Smaxagent will crash. Restart of the service is needed.

Remote users can also execute arbitrary code.

FIXES:

Platinum has been informed about this issue (and confirmed the problem) on
September 9th 1998.

___________________________________________________________

   S.A.F.E.R. - Security Alert For Entreprise Resources
          Copyright (c) 1998  Siam Relay Ltd.
 http://safer.siamrelay.com  ----  securitysiamrelay.com
___________________________________________________________

• Next message: RSI Advise: "RSI.0012.12-03-98.SOLARIS.MKCOOKIE"
• Previous message: Adam Shiffman: "Re: Remote Tools w/Exceed v.6.0.1.0 fer 95"
• Next in thread: Dr. Mudge: "Breaking into houses to steal the security systems... Was:"