Vulnerability Note VU#538011

LANDesk QIP service buffer overflow vulnerability

Original Release date: 17 Sep 2008 | Last revised: 17 Sep 2008

Overview

The LANDesk Management Suite Intel QIP service contains a buffer overflow vulnerability.

Description

The LANDesk Intel QIP Server Service is used to configure policy management. The Intel QIP service allows LANDesk Agents to report status and make certain software requests.

A buffer overflow vulnerability exists in the Intel QIP service (Qipsrvr.exe).

Impact

A remote, unauthenticated attacker may be able to execute code with system privileges.

Solution

Upgrade

LANDesk has released updates to address this issue. See LANDesk DOC-3276 for more information.

Restrict access

The QIP service listens on 12175/tcp by default. Restricting access to this port by using access control lists or port filters may prevent this vulnerability from being exploited.
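
One way to check that such a port filter is actually in effect, as an added example (not CERT/CC or LANDesk code): the script attempts a TCP connection to the QIP port from wherever it is run and lists hosts whose reachability does not match what the access control list should allow. The function names, the vantage_allowed flag and the command-line form are assumptions of this example.

```python
import socket
import sys

QIP_PORT = 12175  # default QIP service port, as stated in the advisory


def probe(host, port=QIP_PORT, timeout=2.0):
    """Classify one TCP connect attempt as open, closed, filtered or unresolved."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: the port is reachable
    except socket.gaierror:
        return "unresolved"      # host name did not resolve; nothing was tested
    except ConnectionRefusedError:
        return "closed"          # RST received: host reachable, nothing listening
    except OSError:
        return "filtered"        # timeout or unreachable: likely dropped by a filter


def audit(hosts, vantage_allowed, port=QIP_PORT, timeout=2.0):
    """Return (host, state) pairs that contradict the intended ACL.

    vantage_allowed=False: run from a segment the ACL should block, so any
    'open' result is a finding. vantage_allowed=True: run from a permitted
    management segment, so anything other than 'open' is a finding.
    """
    findings = []
    for host in hosts:
        state = probe(host, port, timeout)
        expected = (state == "open") if vantage_allowed else (state != "open")
        if state == "unresolved" or not expected:
            findings.append((host, state))
    return findings


if __name__ == "__main__":
    # Usage (hypothetical file name): python qip_acl_check.py [--allowed] host [host ...]
    args = sys.argv[1:]
    allowed = "--allowed" in args
    targets = [a for a in args if a != "--allowed"]
    for host, state in audit(targets, allowed):
        print(f"{host}: {QIP_PORT}/tcp is {state}, which does not match the intended ACL")
```

Run it once from a network segment the filter should block and once, with --allowed, from a permitted segment; no output in both runs means the filter behaves as intended for the listed hosts.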

Systems Affected

Vendor   Status    Date Notified  Date Updated
LANDesk  Affected  -              17 Sep 2008

CVSS Metrics

Group          Score  Vector
Base           N/A    N/A
Temporal       N/A    N/A
Environmental  N/A    N/A

Credit

Thanks to LANDesk for technical information that was used in this document. This issue was reported to LANDesk by TippingPoint DVLabs.

This document was written by Ryan Giobbi.

Other Information

  • CVE IDs: CVE-2008-2468
  • Date Public: 12 Sep 2008
  • Date First Published: 17 Sep 2008
  • Date Last Updated: 17 Sep 2008
  • Severity Metric: 3.21
  • Document Revision: 11
