Executive Summary
Summary | |
---|---|
Title | LANDesk QIP service buffer overflow vulnerability |
Informations | |||
---|---|---|---|
Name | VU#538011 | First vendor Publication | 2008-09-17 |
Vendor | VU-CERT | Last vendor Modification | 2008-09-17 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#538011LANDesk QIP service buffer overflow vulnerabilityOverviewThe LANDesk Management Suite Intel QIP service contains a buffer overflow vulnerability.I. DescriptionThe LANDesk Intel QIP Server Service is used to configure policy management. The Intel QIP service allows LANDesk Agents to report status and make certain software requests.A buffer overflow vulnerability exists in the Intel QIP service (Qipsrvr.exe). LANDesk has released updates to address this issue. See LANDesk DOC-3276 for more information.
References
Thanks to LANDesk for technical information that was used in this document. This issue was reported to LANDesk by TippingPoint DVLabs. This document was written by Ryan Giobbi.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/538011 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Application | 1 | |
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
48123 | LANDesk Multiple Products QIP Server Service (qipsrvr.exe) Heal Request Packe... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | LANDesk Management Suite QIP service heal packet buffer overflow attempt RuleID : 15968 - Revision : 4 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-09-19 | Name : The remote Windows host has an application that is affected by a remote buffe... File : landesk_qip_heal_overflow.nasl - Type : ACT_GATHER_INFO |