HP Intelligent Management Center User Access Manager Datagram Parsing Code Execution

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

The remote host has a user access management application installed that
is affected by a code execution vulnerability.

Description :

According to its version number, the HP Intelligent Management Center
User Access Manager installed on the remote host is affected by a
stack-based buffer overflow vulnerability. By sending a specially
crafted datagram, a remote, unauthenticated attacker could execute
arbitrary code on the remote host subject to the privileges of the user
running the affected application.

See also :


Solution :

Upgrade to HP Intelligent Management Center User Access Manager 5.1 SP1
or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 63265 ()

Bugtraq ID: 55271

CVE ID: CVE-2012-3274

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial