Detections
Analytics

HP Intelligent Management Center TFTP Multiple Vulnerabilities

critical Nessus Plugin ID 54986

Language:

Synopsis

The version of HP Intelligent Management Center's TFTP server running on the remote host is affected by multiple vulnerabilities.

Description

A TFTP server belonging to HP Intelligent Management Center is running on the remote host. This is a collection point for any HP Intelligent Management Center clients on the network.

The installed version of this server contains a number of vulnerabilities, including code execution and arbitrary file creation.

It is also likely that the HP Intelligent Management Center install itself is affected by other vulnerabilities, although this plugin has not checked for those issues.

Solution

Upgrade to 5.0_E0101L02 or later.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-11-161/

https://www.zerodayinitiative.com/advisories/ZDI-11-163/

https://www.zerodayinitiative.com/advisories/ZDI-11-164/

https://www.zerodayinitiative.com/advisories/ZDI-11-165/

https://seclists.org/bugtraq/2011/May/84

https://seclists.org/bugtraq/2011/May/99

https://seclists.org/bugtraq/2011/May/83

https://seclists.org/bugtraq/2011/May/87

Plugin Details

Severity: Critical

ID: 54986

File Name: tftp_hp_imc_multiple_vulnerabilities.nasl

Version: 1.8

Type: remote

Published: 6/7/2011

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:hp:intelligent_management_center

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2011-1849, CVE-2011-1851, CVE-2011-1852, CVE-2011-1853

BID: 47789