A new Flexera Community experience is coming on November 18th, click here for more information.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Summary

plink.exe may crash when using SSH private keys larger than 1kb

Symptoms

An error occurs when attempting to run inventory on a non-windows device.

Using keypair
Authentication http
Doing authentication against a non windows device
User is root

Inventory Task Error:
SSH command summary:
plink.exe -batch -ln "Non-Windows Account (Unix)

Failure reason:
- An unknown error has occurred (3221225477). Please inspect the process output to determine the cause of this error.
TCP command summary:
Failure reason:
- A socket error occurred (No connection could be made because the target machine actively refused it). Please inspect the process output to determine the cause of the error.
RPC command summary:
Failure reason:
- Failed to connect to the Service Manager on the remote device
Windows Error:
- The RPC server is unavailable.
Command:
- \\****\****$\Inventory\ndtrack.exe -t Machine -o UploadLocation=http://**************:80/ManageSoftRL/ -o LogModules=default -o IgnoreConnectionWindows=true -o ShowIcon=false


Event log error for the process that fails:
Faulting application name: plink.exe, version: 0.60.220.0, time stamp: 0x506512ca
Faulting module name: plink.exe, version: 0.60.220.0, time stamp: 0x506512ca
Exception code: 0xc0000005
Fault offset: 0x00039f55
Faulting process id: 0x5cb4
Faulting application start time: 0x01ce13ab0d2f4382
Faulting application path: D:\Program Files (x86)\ManageSoft\RemoteExecution\plink.exe
Faulting module path: D:\Program Files (x86)\ManageSoft\RemoteExecution\plink.exe
Report Id: 4af14486-7f9e-11e2-9eb4-005056a50131


Cause

plink.exe is using a 1kb hard coded buffer for loading the private key stored in the inventory manager password store.

If the private key is larger than 1kb, memory corruption occurs as plink crashes.

Steps To Reproduce

Product version is prior to v9.3 containing this problematic Plink.exe

Resolution

After FNMP v9.3, plink.exe is fixed to prevent crash in plink when SSH private key is > 1kb

Workaround

Replace your current plink.exe by the fixed version in the attachment in this KB article.
We recommend you backup you old plink.exe somewhere else before replacement.
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Jun 02, 2018 02:07 AM
Updated by: