{"type": "saint", "published": "2012-10-12T00:00:00", "href": "https://my.saintcorporation.com/cgi-bin/exploit_info/hp_diagnostics_magentservice_packet_parsing", "bulletinFamily": "exploit", "cvelist": [], "cvss": {"vector": "NONE", "score": 0.0}, "enchantments": {"score": {"value": 2.7, "vector": "NONE", "modified": "2017-01-10T14:03:42", "rev": 2}, "dependencies": {"references": [], "modified": "2017-01-10T14:03:42", "rev": 2}, "vulnersScore": 2.7}, "lastseen": "2017-01-10T14:03:42", "viewCount": 2, "id": "SAINT:E7231129462D4F010AE677698B2C10BD", "references": [], "edition": 1, "reporter": "SAINT Corporation", "modified": "2012-10-12T00:00:00", "title": "HP Diagnostics magentservice.exe Malformed Packet Parsing Vulnerability", "description": "Added: 10/12/2012 \nBID: [55159](<http://www.securityfocus.com/bid/55159>) \nOSVDB: [84855](<http://www.osvdb.org/84855>) \n\n\n### Background\n\nHP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. \n\n### Problem\n\nHP Diagnostics Server has a buffer overflow vulnerability in the `**magentservice.exe**` process that could allow unauthenticated remote attackers to execute arbitrary code in the context of the SYSTEM user. The `**magentservice.exe**` process listens on port 23472 by default. \n\n### Resolution\n\nA patch is not available at the time of publication. Limit access to TCP port 23472. \n\n### References\n\n<http://www.zerodayinitiative.com/advisories/ZDI-12-162/> \n\n\n### Limitations\n\nThis exploit was tested against HP Diagnostics Server 9.20 on Microsoft Windows Server 2003 SP2 English (DEP OptOut) with KB956802 and KB2644615. \n\nExploit requires the IO-Socket-SSL PERL module to be installed on the scanning host. This module is available from <http://www.cpan.org/modules/by-module/IO/>. \n\n### Platforms\n\nWindows \n \n\n"}

{}