Posted by Research () NGSSecure on May 24Lumension Device Control (formerly Sanctuary) remote memory corruption
Andy Davis of NGS Secure has discovered a high risk vulnerability in Lumension Device Control. Sending a specially
crafted packet to a TCP service running on the Lumension Application Server results in a memory corruption
vulnerability being triggered and potentially arbitrary code execution.
Versions affected include:
Lumension Device Control v4.4 SR6 and...