Live Chat Software by Kayako |
Knowledgebase
A vulnerability tool identifies MWAgent as a high security risk. It can be exploited to cause a stack-based buffer overflow via an overly long command sent to the service (default port 2222/tcp)?
Posted by - NA - on 26 June 2010 01:27 AM
|
|
The vulnerability is caused due to a boundary error in the MicroWorld Agent service (MWAGENT.EXE) when decrypting received commands. This can be exploited to cause a stack-based buffer overflow via an overly long command sent to the service (default port 2222/tcp). This vulnerability has been resolved in the latest hotfix and version 9.0.178.1 and later. MWAGENT.EXE is a gateway between eScan client and server. To avoid this vulnerability, we are using encrypted data format. | |
|
Comments (0)