[Full-disclosure] Vulnerability in Tembria Server Monitor
- From: Security <security@xxxxxxxxxx>
- Date: Fri, 9 Apr 2010 23:48:10 +0200
Please find the advisory in attachment.
Corelan TeamAdvisory CORELAN-10-022
Reference : CVE-2010-1316
Disclosure date : April 8th, 2010
00 : Vulnerability information
Product : Tembria Server Monitor
Version : 5.6.0
Vendor : Don Leclair / tembria.com
URL : http://www.tembria.com/download/
Platform : Windows
Type of vulnerability : Stack overflow
Risk rating : Medium
Issue fixed in version : 5.6.1 (released april 8)
Vulnerability discovered by : Lincoln
Corelan Team :
01 : Vendor description of software
From the vendor website:
"Tembria Server Monitor continuously monitors your network for potential
problems so you don't have to. Supporting popular Internet protocols, Tembria
Server Monitor watches for specific conditions and notifies you if a problem is
02 : Vulnerability details
The HTTP service is vulnerable to a buffer overflow, allowing a malicious
person to trigger a remote Denial Of Service condition by sending a specially
crafted GET,PUT, or HEAD request to the Server.The application service then
immediately stops and requires the user to restart the service.
Remote code execution may be possible.
No user intervention is required to trigger the overflow/DoS.
Corelan would like to mention that the software vendor was very cooperative and
proactive with communication and addressing the issue in a timely manner.
03 : Author/Vendor communication
March 31 2010 : author contacted
March 31 2010 : author replies, ask for proof of concept
March 31 2010 : Corelan sends proof of concept
April 5 2010 : Corlean ask for update
April 5 2010 : author replies back with patched software
April 5 2010 : Corelan verifies issue fixed in new version
April 8 2010 : fixed version released
April 9 2010 : public disclosure
Proof of concept is available at the following URL :
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: Re: [Full-disclosure] Vulnerabilities in TAK cms
- Next by Date: [Full-disclosure] [USN-927-1] NSS vulnerability
- Previous by thread: [Full-disclosure] ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability
- Next by thread: [Full-disclosure] [USN-927-1] NSS vulnerability