CVE-2008-2468

critical

Description

Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45154

http://www.vupen.com/english/advisories/2008/2588

http://www.securitytracker.com/id?1020888

http://www.securityfocus.com/bid/31193

http://www.securityfocus.com/archive/1/496369/100/0/threaded

http://www.kb.cert.org/vuls/id/538011

http://securityreason.com/securityalert/4269

http://secunia.com/advisories/31888

http://dvlabs.tippingpoint.com/advisory/TPTI-08-06

http://community.landesk.com/support/docs/DOC-3276

Details

Source: Mitre, NVD

Published: 2008-09-18

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical