- Description
- Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet.
- Source
- PSIRT-CNA@flexerasoftware.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centennial:discovery:2006_featurepack1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9336740-2AB3-4189-8EDE-3D12A3AFDB57"
},
{
"criteria": "cpe:2.3:a:numara:asset_manager:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8AE39DA-388A-414F-B58A-B7B0E9B4FC12"
},
{
"criteria": "cpe:2.3:a:symantec:discovery:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8679A66E-0AEB-42E3-938D-E7AEC74A6C62"
}
],
"operator": "OR"
}
]
}
]