HP Intelligent Management Center Endpoint Admission Defense < 5.0 E0101P03 Code Execution Vulnerability

critical Nessus Network Monitor Plugin ID 5984

Synopsis

The remote host has an application installed that is vulnerable to a code execution attack.

Description

Versions of HP Intelligent Management Center Endpoint Admission Defense earlier than 5.0 E0101P03 are potentially affected by a code execution vulnerability in the 'iNOdeMngChecker.exe' component which listens by default on TCP port 9090 because the application fails to validate user supplied data when handling a '0x0A0BF007' packet type. A remote unauthenticated attacker, exploiting this flaw, could potentially execute arbitrary code on the remote host subject to the privileges of the user running the affected application.

Solution

Upgrade to HP Intelligent Management Center Endpoint Admission Defense 5.0 E0101P03 or later.

See Also

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02901775

http://www.zerodayinitiative.com/advisories/ZDI-11-232

Plugin Details

Severity: Critical

ID: 5984

Family: Generic

Published: 7/8/2011

Updated: 3/6/2019

Nessus ID: 55577

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:hp:endpoint_admission_defense

Patch Publication Date: 6/30/2011

Vulnerability Publication Date: 7/1/2011

Exploitable With

CANVAS (White_Phosphorus)

Reference Information

CVE: CVE-2011-1867

BID: 48527