Secunia Research has discovered two vulnerabilities in Centennial Discovery, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerabilities are caused due to boundary errors in the CentennialIPTransferServer service (XFERWAN.EXE) when parsing strings in received TCP packets. These can be exploited to cause buffer overflows by sending a specially crafted TCP packet with an overly long string.
Successful exploitation allows execution of arbitrary code with SYSTEM privileges.
The vulnerabilities are confirmed in version 2006 Feature Pack 1. Other versions may also be affected.
Solution: The vendor has released a patch available from the customer support site:
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org