Vulnerabilities > CVE-2005-0353 - Remote Buffer Overflow vulnerability in Safenet Sentinel License Manager 7.2.0.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description SentinelLM UDP Buffer Overflow. CVE-2005-0353. Remote exploit for windows platform id EDB-ID:16746 last seen 2016-02-02 modified 2010-05-09 published 2010-05-09 reporter metasploit source https://www.exploit-db.com/download/16746/ title SentinelLM UDP Buffer Overflow description Sentinel LM 7.x UDP License Service Remote Buffer Overflow Exploit. CVE-2005-0353. Remote exploit for windows platform id EDB-ID:875 last seen 2016-01-31 modified 2005-03-13 published 2005-03-13 reporter class101 source https://www.exploit-db.com/download/875/ title Sentinel LM 7.x UDP License Service Remote Buffer Overflow Exploit
Metasploit
| description | This module exploits a simple stack buffer overflow in the Sentinel License Manager. The SentinelLM service is installed with a wide selection of products and seems particular popular with academic products. If the wrong target value is selected, the service will crash and not restart. |
| id | MSF:EXPLOIT/WINDOWS/LICENSE/SENTINEL_LM7_UDP |
| last seen | 2020-01-14 |
| modified | 2017-07-24 |
| published | 2005-12-26 |
| references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0353 |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/license/sentinel_lm7_udp.rb |
| title | SentinelLM UDP Buffer Overflow |
Nessus
| NASL family | Gain a shell remotely |
| NASL id | SENTINEL_OVERFLOW.NASL |
| description | The remote host is running a version of Sentinel License Manager that is subject to remote buffer overflows. By sending 3000 bytes or more to the UDP port on which it listens (5093 by default), a remote attacker can crash the LServnt.exe service, overwrite the EIP register, and possibly execute arbitrary code. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 17326 |
| published | 2005-03-15 |
| reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/17326 |
| title | Sentinel License Manager lservnt Service Remote Buffer Overflow |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/83234/sentinel_lm7_udp.rb.txt |
| id | PACKETSTORM:83234 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | H D Moore |
| source | https://packetstormsecurity.com/files/83234/SentinelLM-UDP-Buffer-Overflow.html |
| title | SentinelLM UDP Buffer Overflow |
References
- http://marc.info/?l=bugtraq&m=111022094326772&w=2
- http://marc.info/?l=full-disclosure&m=111072872816405&w=2
- http://secunia.com/advisories/14511
- http://www.cirt.dk/advisories/cirt-30-advisory.pdf
- http://www.kb.cert.org/vuls/id/108790
- http://www.securityfocus.com/bid/12742
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19621