Knowledgebase
A vulnerability tool identifies MWAgent as a high security risk. It can be exploited to cause a stack-based buffer overflow via an overly long command sent to the service (default port 2222/tcp)?
Posted by - NA - on 26 June 2010 01:27 AM

The vulnerability is caused due to a boundary error in the MicroWorld Agent service (MWAGENT.EXE) when decrypting received commands. This can be exploited to cause a stack-based buffer overflow via an overly long command sent to the service (default port 2222/tcp).

This vulnerability has been resolved in the latest hotfix and version 9.0.178.1 and later. MWAGENT.EXE is a gateway between eScan client and server. To avoid this vulnerability, we are using encrypted data format.

(4 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).