Overview
SafeNet Sentinel License Manager contains a buffer overflow vulnerability, which may allow a remote unauthenticated attacker to execute arbitrary code on the server.
Description
Impact
A remote, unauthenticated attacker may be able to execute arbitrary code on the Sentinel LM server with the rights of the service. Sentinel LM runs as "SYSTEM" by default on Windows systems. |
Solution
Apply a patch or upgrade According to the CIRT.DK advisory, this issue is resolved in Sentinel License Manager 8.0 |
|
Vendor Information
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
References
Acknowledgements
Thanks to Dennis Rand of CIRT.DK for reporting this vulnerability.
This document was written by Will Dormann.
Other Information
CVE IDs: | CVE-2005-0353 |
Severity Metric: | 5.67 |
Date Public: | 2005-03-07 |
Date First Published: | 2005-03-08 |
Date Last Updated: | 2005-03-14 15:37 UTC |
Document Revision: | 15 |