EScan Agent Service MWAGENT.EXE Remote Buffer Overflow Vulnerability
BID:24112
Info
EScan Agent Service MWAGENT.EXE Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 24112 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-2687 |
| Remote: | Yes |
| Local: | No |
| Published: | May 23 2007 12:00AM |
| Updated: | May 23 2007 10:08PM |
| Credit: | Carsten Eiram of Secunia Research is credited with the discovery of this vulnerability. |
| Vulnerable: |
MicroWorld Technologies eScan 9.0.715.1 |
| Not Vulnerable: |
MicroWorld Technologies eScan 9.0.718.1 |
Discussion
EScan Agent Service MWAGENT.EXE Remote Buffer Overflow Vulnerability
eScan is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input.
An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. A successful remote exploit of this issue would result in the complete compromise of affected computers.
This issue affects eScan 9.0.715.1; other versions may also be affected.
eScan is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input.
An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. A successful remote exploit of this issue would result in the complete compromise of affected computers.
This issue affects eScan 9.0.715.1; other versions may also be affected.
Exploit / POC
EScan Agent Service MWAGENT.EXE Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
EScan Agent Service MWAGENT.EXE Remote Buffer Overflow Vulnerability
Solution:
The vendor released an update to address this issue. Please see the references for more information.
Solution:
The vendor released an update to address this issue. Please see the references for more information.
References
EScan Agent Service MWAGENT.EXE Remote Buffer Overflow Vulnerability
References:
References:
- eScan Homepage (MicroWorld Technologies)
- eScan Products Agent Service Command Decryption Buffer Overflow (Secunia Research)
- Secunia Research: eScan Products Agent Service Command Decryption Buffer Overflo (Secunia)