Vulnerability Report

CVE-2008-2468

RCE

Title: Landesk Landesk Management Suite RCE

RCE

Proof Of Concept

No public PoC currently indexed for CVE-2008-2468.

CWE Category CWE-119

Published Date Sep 18, 2008

Modified Date Apr 09, 2025

Exploit Status Not Found

Score 10.0 CVSS v2.0

Exploit Probability (EPSS)

40.89%

Vulnerability Summary

CVE-2008-2468: Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.

Impacted Vendors

landesk 3

landesk_software 1

Reference Links

http://community.landesk.com/support/docs/DOC-3276 http://dvlabs.tippingpoint.com/advisory/TPTI-08-06 http://secunia.com/advisories/31888 http://securityreason.com/securityalert/4269 http://www.kb.cert.org/vuls/id/538011 http://www.securityfocus.com/archive/1/496369/100/0/threaded http://www.securityfocus.com/bid/31193 http://www.securitytracker.com/id?1020888 http://www.vupen.com/english/advisories/2008/2588 https://exchange.xforce.ibmcloud.com/vulnerabilities/45154 http://community.landesk.com/support/docs/DOC-3276 http://dvlabs.tippingpoint.com/advisory/TPTI-08-06 http://secunia.com/advisories/31888 http://securityreason.com/securityalert/4269 http://www.kb.cert.org/vuls/id/538011 http://www.securityfocus.com/archive/1/496369/100/0/threaded http://www.securityfocus.com/bid/31193 http://www.securitytracker.com/id?1020888 http://www.vupen.com/english/advisories/2008/2588 https://exchange.xforce.ibmcloud.com/vulnerabilities/45154

CVSS v2.0

Source Entity [email protected]

Severity HIGH

10.0

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2008-2468 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 09, 2025 MODIFIED

Vulnerability data or affected products updated.

September 18, 2008 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.