CVE-2008-2468

Sažetak

Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.

Reference

http://community.landesk.com/support/docs/DOC-3276
http://dvlabs.tippingpoint.com/advisory/TPTI-08-06
http://secunia.com/advisories/31888
http://securityreason.com/securityalert/4269
http://www.kb.cert.org/vuls/id/538011
http://www.securityfocus.com/archive/1/496369/100/0/threaded
http://www.securityfocus.com/bid/31193
http://www.securitytracker.com/id?1020888
http://www.vupen.com/english/advisories/2008/2588
https://exchange.xforce.ibmcloud.com/vulnerabilities/45154

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

11-10-2018 - 20:41

Objavljeno

18-09-2008 - 15:04