This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.
The remote Windows host has an application that is affected by a
remote buffer overflow vulnerability.
LANDesk Management Suite, used to automate system and security
management tasks, is installed on the remote host.
The version of LANDesk Management Suite includes an instance of the
Intel QIP Server Service that makes a call to 'MultiByteToWideChar()'
using values from packet data. Using a specially crafted 'heal'
request, a remote attacker can leverage this issue to control both the
pointer to the function's 'StringToMap' and 'StringSize' arguments,
overflow a stack or heap buffer depending on the specified sizes, and
execute arbitrary code with SYSTEM privileges.
See also :
Upgrade to LANDesk 8.7 / 8.8 if necessary and apply the appropriate
fix referenced in the vendor advisory.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false