Intrusion Prevention

LANDesk.Management.Suite.Alert.Service.Stack.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in LANDesk Management Suite.
The vulnerability is due to a boundary error when processing specially crafted user data received by the Alert Service via port 65535/UDP. It allows a remote attacker to execute arbitrary code.

Affected Products

LANDesk Management Suite v8.7 and prior versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest Service Pack and apply hotfix INST-11050687.2:
http://kb.landesk.com/al/12/4/article.asp?aid=4142&tab=search&bt=4

CVE References

CVE-2007-1674