Intrusion Prevention

HP.Intelligent.Management.Center.dbman.Buffer.Overflow

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in HP Intelligent Management Center.
The vulnerability occurs while processing packets sent to port 2810/UDP. User supplied data is copied to a stack buffer by calling the sprintf function, without performing a boundary check. This allows a remote attacker to execute arbitrary code by sending a crafted packet to the target.

Affected Products

HP Intelligent Management Center prior to 5.0 (E0101L02)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's website for a suggested workaround.
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02822750

CVE References

CVE-2011-1850