The LANDesk Management Suite Intel QIP service contains a buffer overflow vulnerability.
The LANDesk Intel QIP Server Service is used to configure policy management. The Intel QIP service allows LANDesk Agents to report status and make certain software requests.
A buffer overflow vulnerability exists in the Intel QIP service (
A remote, unauthenticated attacker may be able to execute code with system privileges.
LANDesk has released updates to address this issue. See LANDesk DOC-3276 for more information.
The QIP service listens on
12175/tcp by default. Restricting access to this port by using access control lists or port filters may prevent this vulnerablility from being exploited.
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Updated: September 17, 2008
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
See <http://community.landesk.com/support/docs/DOC-3276> for more details.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Group | Score | Vector
Base | |
Temporal | |
Environmental | |
Thanks to LANDesk for technical information that was used in this document. This issue was reported to LANDesk by TippingPoint DVLabs.
This document was written by Ryan Giobbi.
CVE IDs: | CVE-2008-2468
Severity Metric: | 3.21
Date Public: | 2008-09-12
Date First Published: | 2008-09-17
Date Last Updated: | 2008-09-17 14:21 UTC
Document Revision: | 11