返回 CVE 浏览器

CVE-2008-2468

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0100%

EPSS Percentile16.68th

Published2008年9月18日

Last Modified2026年4月23日

Vulnerability Description

Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.

Affected Platforms (CPE)

📦

Landesk

Landesk Management Suite

<= 8.8

📦

Landesk

Landesk Management Suite

= 8.7

📦

Landesk

Landesk Security Suite

<= 8.8

📦

Landesk

Landesk Security Suite

= 8.7

📦

Landesk

Landesk Server Manager

<= 8.8

📦

Landesk

Landesk Server Manager

= 8.7

References & Advisories

🔗 http://community.landesk.com/support/docs/DOC-3276

🔗 http://dvlabs.tippingpoint.com/advisory/TPTI-08-06

🔗 http://secunia.com/advisories/31888

🔗 http://securityreason.com/securityalert/4269

🔗 http://www.kb.cert.org/vuls/id/538011

🔗 http://www.securityfocus.com/archive/1/496369/100/0/threaded

🔗 http://www.securityfocus.com/bid/31193

🔗 http://www.securitytracker.com/id?1020888

相关漏洞威胁

CVE-2007-167410.0

Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute...

CVE-2016-31479.8

Buffer overflow in the collector.exe listener of the Landesk Management Suite 10.0.0.271 and earlier allows remote attackers to ca...

CVE-2019-123779.8

A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Serv...

CVE-2019-123739.0

Improper access control and open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Up...