PowerBroker licensee,
It is very important that you immediately
read this security update notice and implement
the remedial steps indicated below due to
a recently discovered security vulnerability
in PowerBroker. Please be sure to notify
the appropriate members of your technical
staff.
A buffer boundary checking vulnerability
in the PowerBroker client binaries (pbrun,
pbsh, and pbksh) in releases
2.8 through 5.0 has been discovered. This
can leave the PowerBroker client binaries
susceptible to a condition where arbitrary
code could be executed with root privileges
if a custom application is built and used
to pass malicious arguments to the client
binaries. It would take a highly skilled
attacker to deduce the exact information
needed to develop all of the components
necessary to take advantage of the vulnerability.
In response to this, Symark is immediately
making available Service Packs that will
remediate this vulnerability.
Please contact Symark Technical Support (818-575-4040 or
) to receive a download password.
How to determine if an environment has been affected
A machine which has been affected will contain
the following in the master daemon’s diagnostic
log (typically pbmasterd.log):
5102.02 Invalid communication startup <submit host> -> <master host> (<hex number>)
5001.09 Connection closed unexpectedly while sending end status
If this sequence does not appear in the
master’s diagnostic log, the machine has
not been misused during the time period
covered by the log file.
Please be aware that these errors can also
occur due to routine network problems in
your environment. If you see these errors,
it does not mean that the vulnerability
was taken advantage of. However, the lack
of these errors in the log file indicates
that no abuse was attempted.
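The log check described above can be scripted. The following is an added example, not Symark's code: it scans a master diagnostic log for a 5102.02 entry followed by a 5001.09 entry and counts the pairs per submit host. The five-line window, the function names and the sample log lines (including their timestamp prefix) are assumptions.

```python
import re
from collections import Counter

# Message texts as quoted in the advisory; any timestamp/PID prefix on a
# line is ignored because the patterns are searched, not anchored.
STARTUP = re.compile(
    r"5102\.02 Invalid communication startup (\S+) -> (\S+) \(([^)]*)\)")
CLOSED = re.compile(
    r"5001\.09 Connection closed unexpectedly while sending end status")

def find_sequences(lines, window=5):
    """Return (startup_line_no, closed_line_no, submit_host, master_host, hex)
    for each 5102.02 followed by a 5001.09 within `window` lines.
    The window size is an assumption; the advisory only says 'sequence'."""
    hits, pending = [], []          # pending: unmatched 5102.02 entries
    for no, line in enumerate(lines, 1):
        pending = [p for p in pending if no - p[0] <= window]
        m = STARTUP.search(line)
        if m:
            pending.append((no, *m.groups()))
        elif CLOSED.search(line) and pending:
            start = pending.pop(0)  # pair with the oldest open 5102.02
            hits.append((start[0], no, *start[1:]))
    return hits

def hits_by_submit_host(hits):
    """Count sequences per submit host to help separate a flaky link
    (routine network errors) from a host that needs a closer look."""
    return Counter(h[2] for h in hits)

# Constructed sample; real pbmasterd.log prefixes may differ.
SAMPLE = """\
Mar 01 10:00:01 [4021] 5102.02 Invalid communication startup ws17.example.test -> pbm1.example.test (0x0000002a)
Mar 01 10:00:01 [4021] 5001.09 Connection closed unexpectedly while sending end status
Mar 01 10:05:12 [4030] 5001.09 Connection closed unexpectedly while sending end status
Mar 01 11:30:00 [4102] 5102.02 Invalid communication startup ws22.example.test -> pbm1.example.test (0x0000001f)
Mar 01 11:30:09 [4102] some unrelated diagnostic line
""".splitlines()

if __name__ == "__main__":
    import sys
    src = open(sys.argv[1], errors="replace") if len(sys.argv) > 1 else SAMPLE
    found = find_sequences(src)
    for s, c, sub, mas, hx in found:
        print(f"lines {s}-{c}: {sub} -> {mas} ({hx})")
    print("per submit host:", dict(hits_by_submit_host(found)))
```

Run it with the path to the master's diagnostic log as the only argument; with no argument it processes the constructed sample.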
Credit for the discovery of this vulnerability
goes to Michael Hale Ligh at MNIN.ORG and
Greg Sinclair at NNL Software. Symark would
like to thank Michael and Greg for their
expertise and the professional manner in
which they have assisted us in dealing with
this issue.
For Technical Support or Assistance, please
contact our Technical Support Department
at 818-575-4040 or email us at
. For additional information, please contact
your Account Manager at (800) 234-9072 or
(818) 575-4000.
