The agent in Bradford Network Sentry prior to 5.3.3 does not require authentication for messages, which allows remote malicious users to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bradfordnetworks network_sentry_appliance_software |
||
bradfordnetworks network_sentry_appliance ns500rx |
||
bradfordnetworks network_sentry_appliance ns500x |