Vulnerability Note VU#654545
Wyse Device Manager (WDM) HServer and HAgent contain multiple vulnerabilities
Wyse Device Manager (WDM) Server and HAgent contain several vulnerabilities. An attacker with network access to WDM components could execute arbitrary code on vulnerable systems.
Wyse Device Manager (WDM, formerly known as Wyse Rapport) manages thin clients. Part of the server component (HServer) is implemented as an ISAPI filter on the Microsoft Windows Internet Information Server (IIS) platform. The client component (HAgent) runs as a service on Microsoft Windows systems.
WDM components contain several vulnerabilities:
An attacker with network access to WDM components could execute arbitrary code on a vulnerable system. The attacker could also execute unauthenticated management commands on a system running HAgent.
Please see Wyse Security Bulletin WSB09-01.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Wyse||Affected||04 Jul 2009||23 Jul 2009|
CVSS Metrics (Learn More)
These vulnerabilities were analyzed and reported by Kevin Finisterre of Netragard/SNOsoft.
This document was written by Art Manion.
- CVE IDs: CVE-2009-0693 CVE-2009-0695
- Date Public: 10 Jul 2009
- Date First Published: 13 Oct 2009
- Date Last Updated: 16 Oct 2009
- Severity Metric: 13.51
- Document Revision: 23
If you have feedback, comments, or additional information about this vulnerability, please send us email.