Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1867

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-1867
Last Modified 21 Sep 2011 11:31:02
Published 11 Jul 2011 04:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1867

Summary

Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E0101P03 and Endpoint Admission Defense (EAD) 5.0 before SP1 E0101P03 components in HP Intelligent Management Center (aka iNode Management Center) allows remote attackers to execute arbitrary code via a 0x0A0BF007 packet.

Vulnerable Systems

Application

  • Hp Endpoint Admission Defense 5.0

  • Hp Intelligent Management Center

  • Hp User Access Manager 5.0


References

XF - hp-imc-unspec-code-execution(68348)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-11-232/

BID - 48527

BUGTRAQ - 20110701 ZDI-11-232: HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability

OSVDB - 73597

SECTRACK - 1025740

SREASON - 8302

SECUNIA - 45129

HP - HPSB3C02687

HP - SSRT100377


Last Updated: 27 May 2016 10:56:50