License managers: The Phantom Menace

Tiny little thing that can cause huge problems - license manager. We've studied the state of security of some major vendors and custom-made ones and would like to deliver some results about three examples:
1) Gemalto License Manager - one of the most popular solutions. Used as a combination of USB token and software driver;
2) Flexnet License manager - also a very popular solution. We've identified some logical and binary vulnerabilities (up to LPE and RCE);
3) And some other license managers.

Some software solutions have Gemalto and Flexnet in their installation packages and some customization makes the state of security even worse. Such examples will be covered during the presentation.

** This talk is co-presented with Vladimir Dashchenko.