HP Intelligent Management Center Multiple Vulnerabilities

This script is Copyright (C) 2011 Tenable Network Security, Inc.


Synopsis :

The version of HP Intelligent Management Center running on the remote
host is affected by multiple vulnerabilities.

Description :

The version of HP Intelligent Management Center running on the remote
host contains a number of vulnerabilities that can be exploited
remotely without authentication, including code execution and
arbitrary file creation.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-11-160/
http://www.zerodayinitiative.com/advisories/ZDI-11-161/
http://www.zerodayinitiative.com/advisories/ZDI-11-162/
http://www.zerodayinitiative.com/advisories/ZDI-11-163/
http://www.zerodayinitiative.com/advisories/ZDI-11-164/
http://www.zerodayinitiative.com/advisories/ZDI-11-165/
http://www.zerodayinitiative.com/advisories/ZDI-11-166/
http://archives.neohapsis.com/archives/bugtraq/2011-05/0083.html
http://archives.neohapsis.com/archives/bugtraq/2011-05/0082.html
http://archives.neohapsis.com/archives/bugtraq/2011-05/0089.html
http://archives.neohapsis.com/archives/bugtraq/2011-05/0102.html
http://archives.neohapsis.com/archives/bugtraq/2011-05/0084.html
http://archives.neohapsis.com/archives/bugtraq/2011-05/0088.html
http://archives.neohapsis.com/archives/bugtraq/2011-05/0097.html
http://www.nessus.org/u?cd59d8c8

Solution :

Upgrade to 5.0_E0101L02 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Gain a shell remotely

Nessus Plugin ID: 54999 ()

Bugtraq ID: 47789

CVE ID: CVE-2011-1848
CVE-2011-1849
CVE-2011-1850
CVE-2011-1851
CVE-2011-1852
CVE-2011-1853
CVE-2011-1854