ID

VAR-201206-0002


CVE

CVE-2009-0695


TITLE

Wyse Device Manager (WDM) HServer and HAgent contain multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#654545

DESCRIPTION

hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action. Wyse Device Manager (WDM) Server and HAgent contain several vulnerabilities. An attacker with network access to WDM components could execute arbitrary code on vulnerable systems. Successful exploits will allow remote attackers to execute arbitrary commands within the context of the affected application. Successfully exploiting this issue may allow an attacker to bypass security restrictions and perform unauthorized actions

Trust: 2.97

sources: NVD: CVE-2009-0695 // CERT/CC: VU#654545 // JVNDB: JVNDB-2012-002801 // BID: 54015 // BID: 54028 // VULHUB: VHN-38141

AFFECTED PRODUCTS

vendor:dellmodel:wyse device managerscope:eqversion:4.7.0

Trust: 1.6

vendor:dellmodel:wyse device managerscope:eqversion:4.7.2

Trust: 1.6

vendor:dellmodel:wyse device managerscope:eqversion:4.7.1

Trust: 1.6

vendor:wysemodel: - scope: - version: -

Trust: 0.8

vendor:wisemodel:wyse device managerscope:eqversion:4.7.x

Trust: 0.8

vendor:wysemodel:device manager workgroup editionscope:eqversion:4.7.2

Trust: 0.3

vendor:wysemodel:device manager workgroup editionscope:eqversion:4.7

Trust: 0.3

vendor:wysemodel:device manager enterprise editionscope:eqversion:4.7.2

Trust: 0.3

vendor:wysemodel:device manager enterprise editionscope:eqversion:4.7

Trust: 0.3

vendor:wysemodel:thin clientscope:eqversion:0

Trust: 0.3

sources: CERT/CC: VU#654545 // BID: 54015 // BID: 54028 // JVNDB: JVNDB-2012-002801 // CNNVD: CNNVD-201206-354 // NVD: CVE-2009-0695

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-0695
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#654545
value: 13.51

Trust: 0.8

NVD: CVE-2009-0695
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201206-354
value: HIGH

Trust: 0.6

VULHUB: VHN-38141
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2009-0695
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-38141
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#654545 // VULHUB: VHN-38141 // JVNDB: JVNDB-2012-002801 // CNNVD: CNNVD-201206-354 // NVD: CVE-2009-0695

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-38141 // JVNDB: JVNDB-2012-002801 // NVD: CVE-2009-0695

THREAT TYPE

network

Trust: 0.6

sources: BID: 54015 // BID: 54028

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201206-354

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-002801

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-38141

PATCH

title:Wyse Device Managerurl:http://www.wyse.com/products/software/management/WDM

Trust: 0.8

sources: JVNDB: JVNDB-2012-002801

EXTERNAL IDS

db:CERT/CCid:VU#654545

Trust: 3.9

db:NVDid:CVE-2009-0695

Trust: 3.1

db:EXPLOIT-DBid:19137

Trust: 1.7

db:OSVDBid:55808

Trust: 0.8

db:JVNDBid:JVNDB-2012-002801

Trust: 0.8

db:CNNVDid:CNNVD-201206-354

Trust: 0.7

db:FULLDISCid:20090710 'SECURE' WYSE THIN CLIENTS VULNERABLE TO REMOTE EXPLOIT BUGS

Trust: 0.6

db:BIDid:54028

Trust: 0.4

db:BIDid:54015

Trust: 0.4

db:PACKETSTORMid:113683

Trust: 0.1

db:PACKETSTORMid:82289

Trust: 0.1

db:EXPLOIT-DBid:9934

Trust: 0.1

db:SEEBUGid:SSVID-66986

Trust: 0.1

db:VULHUBid:VHN-38141

Trust: 0.1

sources: CERT/CC: VU#654545 // VULHUB: VHN-38141 // BID: 54015 // BID: 54028 // JVNDB: JVNDB-2012-002801 // CNNVD: CNNVD-201206-354 // NVD: CVE-2009-0695

REFERENCES

url:http://www.wyse.com/serviceandsupport/wyse%20security%20bulletin%20wsb09-01.pdf

Trust: 3.1

url:http://www.theregister.co.uk/2009/07/10/wyse_remote_exploit_bugs/

Trust: 3.1

url:http://www.kb.cert.org/vuls/id/654545

Trust: 3.1

url:http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0101.html

Trust: 2.5

url:http://www.exploit-db.com/exploits/19137/

Trust: 1.7

url:http://osvdb.org/show/osvdb/55808

Trust: 0.8

url:http://www.wyse.com/serviceandsupport/support/wsb09-01.zip

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0695

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0695

Trust: 0.8

url:http://www.wyse.com/products/software/devicemanager/index.asp

Trust: 0.3

url:http://wyse.com/index.asp

Trust: 0.3

sources: CERT/CC: VU#654545 // VULHUB: VHN-38141 // BID: 54015 // BID: 54028 // JVNDB: JVNDB-2012-002801 // CNNVD: CNNVD-201206-354 // NVD: CVE-2009-0695

CREDITS

Kevin Finisterre of Netragard/SNOsoft

Trust: 0.3

sources: BID: 54015

SOURCES

db:CERT/CCid:VU#654545
db:VULHUBid:VHN-38141
db:BIDid:54015
db:BIDid:54028
db:JVNDBid:JVNDB-2012-002801
db:CNNVDid:CNNVD-201206-354
db:NVDid:CVE-2009-0695

LAST UPDATE DATE

2025-04-11T23:16:45.130000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#654545date:2009-10-16T00:00:00
db:VULHUBid:VHN-38141date:2012-06-26T00:00:00
db:BIDid:54015date:2009-07-10T00:00:00
db:BIDid:54028date:2009-10-13T00:00:00
db:JVNDBid:JVNDB-2012-002801date:2012-06-21T00:00:00
db:CNNVDid:CNNVD-201206-354date:2012-06-20T00:00:00
db:NVDid:CVE-2009-0695date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:CERT/CCid:VU#654545date:2009-10-13T00:00:00
db:VULHUBid:VHN-38141date:2012-06-19T00:00:00
db:BIDid:54015date:2009-07-10T00:00:00
db:BIDid:54028date:2009-10-13T00:00:00
db:JVNDBid:JVNDB-2012-002801date:2012-06-21T00:00:00
db:CNNVDid:CNNVD-201206-354date:2012-06-20T00:00:00
db:NVDid:CVE-2009-0695date:2012-06-19T20:55:02.630