RSA.Authentication.Agent.Redirect.Buffer.Overflow
Description
This indicates an attempt to exploit a stack-based buffer overflow vulnerability in the RSA Authentication Agent for Web.
This vulnerability is caused by a flaw in IISWebAgentIF.dll. A remote attacker may exploit this via a long URL parameter in the Redirect method, resulting in arbitrary code execution.
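A log-side check for the condition described above, as an added example (not the vendor's signature logic or RSA's code): it scans IIS W3C logs for requests to IISWebAgentIF.dll whose Redirect query carries an oversized parameter value. The 1024-byte threshold, the `/agent/` path, the `target` parameter name and the log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, unquote_to_bytes

# Assumption: the page gives no overflow length; tune this to your real URLs.
MAX_PARAM_LEN = 1024
TARGET_DLL = "iiswebagentif.dll"

def parse_w3c(lines):
    """Yield dict records from IIS W3C log lines, using the #Fields header."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):
                yield dict(zip(fields, parts))

def oversized_params(query, limit=MAX_PARAM_LEN):
    """Return (name, decoded_length) for each query segment longer than limit."""
    hits = []
    for seg in re.split(r"[&?;]", query):
        name, sep, value = seg.partition("=")
        name, value = (name, value) if sep else ("", seg)
        n = len(unquote_to_bytes(value))  # measure after percent-decoding
        if n > limit:
            hits.append((name, n))
    return hits

def scan(lines, limit=MAX_PARAM_LEN):
    """Return (client_ip, param, length) for oversized Redirect requests to the agent DLL."""
    alerts = []
    for rec in parse_w3c(lines):
        stem = unquote(rec.get("cs-uri-stem", "")).lower()
        query = rec.get("cs-uri-query", "-")
        if stem.endswith(TARGET_DLL) and "redirect" in query.lower():
            for name, n in oversized_params(query, limit):
                alerts.append((rec.get("c-ip", "?"), name, n))
    return alerts

# Constructed sample log (documentation IPs, placeholder path and parameter name).
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2024-01-01 10:00:00 192.0.2.10 GET /agent/IISWebAgentIF.dll Redirect&target=/portal/home 302",
    "2024-01-01 10:00:05 192.0.2.77 GET /agent/IISWebAgentIF.dll Redirect&target=" + "x" * 4000 + " 500",
    "2024-01-01 10:00:09 192.0.2.10 GET /index.html q=" + "y" * 4000 + " 200",
]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Long requests may be truncated or rejected before they reach the log, so treat an empty result as inconclusive on hosts that are still unpatched.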
Affected Products
SecurID Web Agent 5.2 and 5.3
Impact
System compromise.
Recommended Actions
Apply the following patch:
ftp://ftp.rsasecurity.com/support/Patches/Ace/Agent/
Coverage
IPS (Regular DB)
IPS (Extended DB)