Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Raytheon SilentRunner Vulnerabilities

Raytheon SilentRunner Vulnerabilities

by phiber on August 9th, 2001 Two vulnerabilities in this traffic monitoring tool: the first one deals with knowledge browser buffer overflow and the second one deals with password processing buffer overflow.


First vulnerability:(ver. 2.0, 2.01)

The traffic analysis component of SilentRunner is called "Knowledge Browser". Knowledge Browser contains a buffer overflow vulnerability in it's processing of HTTP requests. Certain oversized requests can trigger the overflow condition when a user invokes Knowledge Browser.

- This vulnerability may be exploited by remote attackers to crash or execute arbitrary code on hosts running Knowledge Browser.


Second vulnerability(ver 2.0):

The SilentRunner component responsible for 'sniffing' network traffic is called 'Collector'. Collector contains buffer overflow conditions present when processing passwords for various application protocols.

- It may be possible for remote attackers to exploit this vulnerability to crash SilentRunner Collector or execute arbitrary code on the underlying host.

- In version 2.0.1 of SilentRunner this vulnerability has been fixed, but
the software still remains vulnerable to the first one.



SilentRunner web page is here.

Credits for this vulnerabilities go to John Ventura, ISS.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »