HP Intelligent Management Center iNodeMngChecker.exe Buffer Overflow

2011-10-14T00:00:00
ID SAINT:8E922CFE8694A7E40C0E2F3E1D72C77C
Type saint
Reporter SAINT Corporation
Modified 2011-10-14T00:00:00

Description

Added: 10/14/2011
CVE: CVE-2011-1867
BID: 48527
OSVDB: 73597

Background

HP Intelligent Management Center, also known as HP iNode Management Center, is a comprehensive management platform for delivering integrated, modular network management capabilities. The **iNodeMngChecker.exe** component listens, by default, on port 9090/tcp.

Problem

HP Intelligent Management Center's **iNodeMngChecker.exe** component is vulnerable to remote code execution in the context of the SYSTEM user as a result of a stack buffer overflow caused by improper bounds checking when handling the 0x0A0BF007 packet type.

Resolution

Apply updates as identified in HP Security Bulletin HPSB3C02687 SSRT100377.

References

<http://www.zerodayinitiative.com/advisories/ZDI-11-232/>

Limitations

Exploit works on HP iNode Management Center 5.0 E0101.

The IO-Socket-SSL PERL module is required for this exploit to run. This module is available from <http://www.cpan.org/modules/by-module/IO/>.

Platforms

Windows