Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

HP Intelligent Management Center < 5.0 E0101-L02 Multiple Vulnerabilities

Critical

Synopsis

The remote host has an application installed that is affected by multiple vulnerabilities.

Description

Versions of HP Intelligent Management Center earlier than 5.0 E0101-L02 are potentially affected by multiple vulnerabilities :

- A stack-based buffer overflow vulnerability exists in the 'img.exe' component. (CVE-2011-1848)

- An unspecified vulnerability in the 'tftpserver.exe' component exists which could allow an attacker to create arbitrary files on the server. (CVE-2011-1849)

- A stack-based buffer overflow vulnerability exists in the 'dbman.exe' component. (CVE-2011-1850)

- Multiple buffer overflow vulnerabilities exist in the 'tftpserver.exe' component. (CVE-2011-1851, CVE-2011-1852, CVE-2011-1853)

- A use-after-free vulnerability exists in the 'imcsyslogdm.exe' component. (CVE-2011-1854)

Solution

Upgrade to HP Intelligent Management Center 5.0 E0101-L02 or later.