Summary
The host is running Avaya WinPDM and is prone to multiple buffer overflow vulnerabilities.
Impact
Successful exploitation will allow unauthenticated attackers to cause the application to crash.
Impact Level: Application
Solution
Upgrade to Avaya WinPDM 3.8.5 or later,
For updates refer to http://support.avaya.com/products/
Insight
Multiple flaws are due to a boundary error in,
- Unite Host Router service (UniteHostRouter.exe) when processing certain requests can be exploited to cause a stack-based buffer overflow via long string to the 'To:' field sent to UDP port 3217.
- UspCsi.exe when processing certain crafted overly long string requests can be exploited to cause a heap-based buffer overflow via a specially crafted overly long string sent to UDP port 10136.
- CuspSerialCsi.exe when processing certain crafted overly long string requests can be exploited to cause a heap-based buffer overflow via a specially crafted overly long string sent to UDP port 10158.
- MwpCsi.exe when processing certain crafted overly long string requests can be exploited to cause a heap-based buffer overflow via a specially crafted overly long string sent to UDP port 10137.
- PMServer.exe when processing certain requests can be exploited to cause a heap-based buffer overflow via a specially crafted overly long string sent to UDP port 10138.
Affected
Avaya WinPDM version 3.8.2 and prior
References
- http://osvdb.org/show/osvdb/73271
- http://osvdb.org/show/osvdb/73272
- http://osvdb.org/show/osvdb/73273
- http://packetstormsecurity.org/files/117209/Avaya-WinPMD-UniteHostRouter-Buffer-Overflow.html
- http://secunia.com/advisories/44062/
- http://www.exploit-db.com/exploits/18397/
- https://downloads.avaya.com/css/P8/documents/100140122
Updated on 2017-03-28
