Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:89D9700DBB0B66D8E27B7CDCB47A9902
HistoryJan 26, 2012 - 12:00 a.m.

HP Diagnostics Server magentservice.exe Integer Wrap

2012-01-2600:00:00
SAINT Corporation
www.saintcorporation.com
18

0.948 High

EPSS

Percentile

99.1%

JSON

Added: 01/26/2012
CVE: CVE-2011-4789
BID: 51398
OSVDB: 78309

Background

HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments.

Problem

A vulnerability exists in the way the magentservice.exe service handles network requests. Subtraction is applied to part of the packet to determine how much memory to allocate. If a message is crafted such that an integer wrap occurs during this subtraction, a stack overflow may occur, which may allow an attacker to gain execution control.

Resolution

A patch is not available at the time of publication. Limit access to TCP port 23472.

References

<http://www.zerodayinitiative.com/advisories/ZDI-12-016/&gt;

Limitations

This exploit has been tested against HP Diagnostics Server 9.10 on Windows Server 2003 SP2 English (DEP OptOut) with KB956802 and KB2393802.

Exploit requires the IO-Socket-SSL PERL module to be installed on the scanning host. This module is available from <http://www.cpan.org/modules/by-module/IO/&gt;.

Platforms

Windows

Related

cve 1
checkpoint_advisories 1
saint 3
nessus 2
securityvulns 5
openvas 2
cvelist 1
packetstorm 1
prion 1
zdi 1
cve
cve
CVE-2011-4789
2012-01-13 04:14:00
checkpoint_advisories
checkpoint_advisories
HP Diagnostics magentservice.exe Code Execution (CVE-2011-4789)
2012-05-14 00:00:00
saint
saint
HP Diagnostics Server magentservice.exe Integer Wrap
2012-01-26 00:00:00
HP Diagnostics Server magentservice.exe Integer Wrap
2012-01-26 00:00:00
HP Diagnostics Server magentservice.exe Integer Wrap
2012-01-26 00:00:00
nessus
nessus
HP LoadRunner < 11.00 Patch 4 Code Execution Vulnerability
2012-06-26 00:00:00
HP LoadRunner < 11.00 Patch 4 Code Execution (intrusive check)
2012-11-13 00:00:00
securityvulns
securityvulns
HP Diagnostics Server buffer overflow
2012-06-03 00:00:00
ZDI-12-016 : &#40;0Day&#41; HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability
2012-01-16 00:00:00
[security bulletin] HPSBMU02785 SSRT100526 rev.1 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code
2012-06-03 00:00:00
openvas
openvas
HP Diagnostics Server 'magentservice.exe' Buffer Overflow Vulnerability
2012-02-01 00:00:00
HP Diagnostics Server 'magentservice.exe' Buffer Overflow Vulnerability
2012-02-01 00:00:00
cvelist
cvelist
CVE-2011-4789
2012-01-13 02:00:00
packetstorm
packetstorm
HP Diagnostics Server magentservice.exe Overflow
2012-01-28 00:00:00
prion
prion
Stack overflow
2012-01-13 04:14:00
zdi
zdi
(0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability
2012-01-12 00:00:00

0.948 High

EPSS

Percentile

99.1%

JSON
Related for SAINT:89D9700DBB0B66D8E27B7CDCB47A9902
cve1checkpoint_advisories1saint3nessus2securityvulns5openvas2cvelist1packetstorm1prion1zdi1