Secunia Security Advisory - Luigi Auriemma has discovered some vulnerabilities in MG-SOFT Net Inspector, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
7b89d8291d45e145a6c12a6c93f9f4d9aeb957a45d891bbe3ff21fceaae1a3be
----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.
Download and test it today:
https://psi.secunia.com/
Read more about this new version:
https://psi.secunia.com/?page=changelog
----------------------------------------------------------------------
TITLE:
MG-SOFT Net Inspector Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA29421
VERIFY ADVISORY:
http://secunia.com/advisories/29421/
CRITICAL:
Moderately critical
IMPACT:
Exposure of system information, Exposure of sensitive information,
DoS, System access
WHERE:
>From remote
SOFTWARE:
MG-SOFT Net Inspector 6.x
http://secunia.com/product/17951/
DESCRIPTION:
Luigi Auriemma has discovered some vulnerabilities in MG-SOFT Net
Inspector, which can be exploited by malicious people to disclose
sensitive information, cause a DoS (Denial of Service), or
potentially compromise a vulnerable system.
1) A format string error in the Net Inspector HTTP server (mghttpd)
can be exploited via a specially crafted HTTP GET request containing
format string specifiers.
Successful exploitation may allow execution of arbitrary code.
2) Input passed via e.g. a HTTP GET request to the Net Inspector HTTP
Server (mghttpd) is not properly sanitised before being used. This can
be exploited to display arbitrary files via directory traversal
attacks.
3) An error exists in the SNMP Trap Service (MgWTrap3.exe) when
processing UDP requests. This can be exploited to crash an affected
service via an UDP packet sent to the arbitrary port on which
MgWTrap3.exe is listening.
4) An error exists in the Net Inspector Server (niengine) when
processing network packets. This can be exploited to freeze the
service via a specially crafted packet sent to TCP port 5221 by
default.
The vulnerabilities are confirmed in version 6.5 on Windows. Other
versions may also be affected.
SOLUTION:
Restrict access to trusted users only.
PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma
ORIGINAL ADVISORY:
http://aluigi.altervista.org/adv/netinsp-adv.txt
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------