APP: NetSupport Manager Client Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the NetSupport Manager client daemon process. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.

Extended Description

NetSupport Manager is prone to a buffer-overflow vulnerability because it fails to properly validate user-supplied input. Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions. The issue affects the following: NetSupport Manager 11.00 (for Linux) NetSupport Manager 9.50 (for Solaris) NetSupport Manager 11.00 (for Mac OS X) Prior versions may also be affected.

Affected Products

Netsupport netsupport_manager

References

BugTraq: 45728

CVE: CVE-2011-0404

URL: http://seclists.org/fulldisclosure/2011/Jan/90 http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0090.html

Short Name

APP:NETSUPPORT-MANAGER-BO

Severity

Major

Recommended

False

Recommended Action

Drop

APP: NetSupport Manager Client Buffer Overflow

Extended Description

Affected Products

References

Found a potential security threat?