Compaq Insight Manager XE DMI Remote Overflow

2001-09-01T00:00:00
ID OSVDB:11310
Type osvdb
Reporter OSVDB
Modified 2001-09-01T00:00:00

Description

Vulnerability Description

A remote overflow exists in Compaq Insight Manager XE. The server fails to properly check bounds on DMI requests resulting in a buffer overflow. With a specially crafted request an attacker can execute arbitrary code with administrative privileges resulting in a loss of integrity.

Solution Description

Upgrade to version 2.1c or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in Compaq Insight Manager XE. The server fails to properly check bounds on DMI requests resulting in a buffer overflow. With a specially crafted request an attacker can execute arbitrary code with administrative privileges resulting in a loss of integrity.

References:

Vendor Specific Advisory URL Related OSVDB ID: 11309 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-11/0272.html ISS X-Force ID: 7411 CVE-2001-0840 CERT VU: 908611 Bugtraq ID: 3482