LANDesk Multiple Products QIP Server Service (qipsrvr.exe) Heal Request Packet Handling Overflow

Critical Nessus Plugin ID 34243


The remote Windows host has an application that is affected by a remote buffer overflow vulnerability.


LANDesk Management Suite, used to automate system and security management tasks, is installed on the remote host.

The version of LANDesk Management Suite includes an instance of the Intel QIP Server Service that makes a call to 'MultiByteToWideChar()' using values from packet data. Using a specially crafted 'heal' request, a remote attacker can leverage this issue to control both the pointer to the function's 'StringToMap' and 'StringSize' arguments, overflow a stack or heap buffer depending on the specified sizes, and execute arbitrary code with SYSTEM privileges.


Upgrade to LANDesk 8.7 / 8.8 if necessary and apply the appropriate fix referenced in the vendor advisory.

See Also

Plugin Details

Severity: Critical

ID: 34243

File Name: landesk_qip_heal_overflow.nasl

Version: $Revision: 1.10 $

Type: local

Agent: windows

Family: Windows

Published: 2008/09/19

Modified: 2017/05/16

Dependencies: 10456, 13855

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-2468

BID: 31193

OSVDB: 48123

Secunia: 31888

CWE: 119