CVE-2011-4135

Flexera FlexNet Publisher <11.10 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4135. PoCs published by Luigi Auriemma, Alexander Gavrun, juan vazquez, sinn3r, including Metasploit module exploits/windows/license/flexnet_lmgrd_bof.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in FlexNet License Server Manager (lmgrd) via a maliciously crafted network packet. It leverages SEH overwrites and a custom checksum algorithm to achieve remote code execution.

Description

Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-1389.

Exploits (1)

metasploit WORKING POC NORMAL

by Luigi Auriemma, Alexander Gavrun, juan vazquez, sinn3r · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/license/flexnet_lmgrd_bof.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in FlexNet License Server Manager (lmgrd) via a maliciously crafted network packet. It leverages SEH overwrites and a custom checksum algorithm to achieve remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: FlexNet License Server Manager (lmgrd) versions 11.5.0.0, 10.8.0.7, 10.8.0.2

No auth needed

Prerequisites: Network access to the target's lmgrd service (default port 27000) · Target software must be running on a vulnerable version

MITRE ATT&CK