SafeNet Sentinel License Manager contains a buffer overflow vulnerability, which may allow a remote unauthenticated attacker to execute arbitrary code on the server.
A remote, unauthenticated attacker may be able to execute arbitrary code on the Sentinel LM server with the rights of the service. Sentinel LM runs as "SYSTEM" by default on Windows systems.
Apply a patch or upgrade
According to the CIRT.DK advisory, this issue is resolved in Sentinel License Manager 8.0
Thanks to Dennis Rand of CIRT.DK for reporting this vulnerability.
This document was written by Will Dormann.
|Date First Published:||2005-03-08|
|Date Last Updated:||2005-03-14 15:37 UTC|