You need to know if there is a Reprise License Manager Update to Mitigate the “HTTP Header Injection Vulnerability”
IMAGINiT and Reprise have updated their respective files to Mitigate the vulnerability.
It is recommended that your network server admin follow these steps to manually replace the files:
1. Go into Services.msc and stop the “IMAGINiT Reprise License Manager” service.
2. Navigate to the \IMAGINiT Technologies\Reprise License Manager folder and rename the RLM.exe and the rlmutil.exe files.
If you are using the newer version the files will be found in:
C:\Program Files\IMAGINiT Technologies\Reprise License Manager
If you are on the older version the files will be in:
C:\Program Files(x86)\IMAGINiT Technologies\Reprise License Manager
I renamed them to rlm_exe.original and rlmutil_exe.origina just before I pasted in the new ones.
3. For the IMAGINiT Reprise License Manager fixes, download the updates from here: https://www.dropbox.com/s/yrps4lpy32hkekk/RepriseLM_Update_x64_w4_v15.1.zip?dl=0
4. Once downloaded check the box to “Unblock”, click Apply and Ok.
5. Extract the files.
6. Copy/paste these files over to the license manager folder where you renamed the original files.
7. Start the service.
When you bring up the web interface you will need to enter your user name and password. Check the administrator’s manual for the default.
To learn more about the vulnerability see this:
Created by Jeff Lotan - IMAGINiT Technologies Technical Support
About the AuthorFollow on Linkedin More Content by Jeff Lotan