CVE-2016-3147

SUMMARY

The following vulnerability was found in Landesk Management Suite Collector Service

CVE-2016-3147

A specific packet receiving function inside the collector.exe listener of the Landesk Management Suite does not properly check the length of an allocated buffer before copying packet data to said buffer. As a result a packet of sufficient length will overflow onto the stack, which results in a buffer overflow.

IMPACT

Access Vector:Local
Access Complexity:Low
Authentication:Not required to exploit
Impact Type:Allows unauthorized disclosure of information; code execution; disruption of service
Privilege Level:SYSTEM

AFFECTED PRODUCTS

Landesk Management Suite (collector.exe version 10.0.0.271 and previous)

SOFTWARE FIXES

None currently

TIMELINE

06.30.2016

Contact Landesk about bug and provide analysis with POC.

07.01.2016

Vendor Responds With Ticket Number and Passes Details To Developers

07.13.2016

Contact Mitre and Receive CVE ID

08.18.2016

Vendor Claims to Have Fixed Bug and Patch Is Slated For Next Release

09.27.2016

Download latest release to validate patch.

09.27.2016

Notify Vendor that Bug Remains And Was Not Fixed

09.28.2016

Vendor Confirms Bug Remains And Patch Will Be In Next Release

10.03.2016

Vendor Reminded Of 90 Day Disclosure Period & Subsequent Release

10.12.2016

Vulnerability Note Released

SUMMARY

The following vulnerability was found in Landesk Management Suite Collector Service

CVE-2016-3147

IMPACT

AFFECTED PRODUCTS

SOFTWARE FIXES

None currently

TIMELINE

06.30.2016

07.01.2016

07.13.2016

08.18.2016

09.27.2016

09.27.2016

09.28.2016

10.03.2016

10.12.2016

REFERENCES