Vulnerability Details CVE-2008-2468
Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.471
EPSS Ranking 97.5%
CVSS Severity
CVSS v2 Score 10.0
References
- http://community.landesk.com/support/docs/DOC-3276
- http://dvlabs.tippingpoint.com/advisory/TPTI-08-06
- http://secunia.com/advisories/31888
- http://securityreason.com/securityalert/4269
- http://www.kb.cert.org/vuls/id/538011
- http://www.securityfocus.com/archive/1/496369/100/0/threaded
- http://www.securityfocus.com/bid/31193
- http://www.securitytracker.com/id?1020888
- http://www.vupen.com/english/advisories/2008/2588
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45154
- http://community.landesk.com/support/docs/DOC-3276
- http://dvlabs.tippingpoint.com/advisory/TPTI-08-06
- http://secunia.com/advisories/31888
- http://securityreason.com/securityalert/4269
- http://www.kb.cert.org/vuls/id/538011
- http://www.securityfocus.com/archive/1/496369/100/0/threaded
- http://www.securityfocus.com/bid/31193
- http://www.securitytracker.com/id?1020888
- http://www.vupen.com/english/advisories/2008/2588
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45154
Products affected by CVE-2008-2468
-
cpe:2.3:a:landesk:landesk_management_suite:-
-
cpe:2.3:a:landesk:landesk_management_suite:8.7
-
cpe:2.3:a:landesk:landesk_management_suite:8.8
-
cpe:2.3:a:landesk:landesk_security_suite:8.7
-
cpe:2.3:a:landesk:landesk_security_suite:8.8
-
cpe:2.3:a:landesk:landesk_server_manager:*
-
cpe:2.3:a:landesk:landesk_server_manager:8.7