HP Intelligent Management Center uam.exe Stack Buffer Overflow
Added: 09/26/2012BID: 55271
OSVDB: 85060
Background
HP Intelligent Management Center, also known as HP iNode Management Center, is a comprehensive management platform for delivering integrated, modular network management capabilities. The User Access Manager (UAM) module (uam.exe) manages the discovery, provisioning, and monitoring of endpoints and users, including authentication and authorization for endpoints accessing the network edge. The UAM listens, by default, on port 1811/udp.Problem
The UAM component (uam.exe) is vulnerable to a stack buffer overflow as a result of logging to a file using sprintf without verifying the size of the destination buffer is adequate to store the logged data. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.Resolution
Restrict interaction with the UAM service to trusted machines until HP releases a patch or upgrade.References
http://www.zerodayinitiative.com/advisories/ZDI-12-171/Limitations
This exploit was tested against HP Intelligent Management Center User Access Manager 5.0 on Microsoft Windows Server 2003 SP2 English (DEP OptOut) and Microsoft Windows Server 2008 SP2 (DEP OptOut).Platforms
WindowsBack to exploit index