CVE-2015-6946 – Borland AccuRev Reprise License Server service_setup_doit Command Stack Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2015-6946

Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the activate_doit function or (3) licfile parameter to the service_startup_doit functionality. Múltiples desbordamientos de búfer en la región stack de la memoria en el servicio Reprise License Manager en Borland AccuRev, permiten a los atacantes remotos ejecutar código arbitrario por medio del parámetro akey o (2) actserver en la función activate_doit o (3) el parámetro licfile en la funcionalidad service_startup_doit. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the service_startup_doit functionality of the Reprise License Manager service. The issue lies in the handling of the licfile parameter which can result in overflowing a stack-based buffer. • http://www.zerodayinitiative.com/advisories/ZDI-15-412 http://www.zerodayinitiative.com/advisories/ZDI-15-414 http://www.zerodayinitiative.com/advisories/ZDI-15-416 https://redr2e.com/cve-to-poc-cve-2015-6946 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •