Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Security Update available for Wyse Device Manager - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Security Update available for Wyse Device Manager

From their advisory: "Buffer overflow vulnerabilities have been reported in Wyse Device Manager (WDM) Server and the WDM HAgent. A carefully crafted packet sent to the WDM Server port or the WDM Agent would crash the service, and could potentially allow the attacker to take control of the affected system. The security update addresses the vulnerability by modifying the way WDM validates the data and handles the error resulting in the exploitable condition. Wyse recommends that customers upgrade to the latest version of WDM (4.7.2) and apply the security update at the earliest opportunity."

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

Adrien de Beaupre

353 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!