Security News

HPE Intelligent Management Center Integer Underflow Vulnerability

By

The HPE Intelligent Management Center (IMC) Basic Software Platform is a network management, software tool with unified resource and device management providing a lower total cost of ownership. The platform is designed for small to medium sized businesses with small network environments that need a single display screen to show their network infrastructures. The Wireless Services Manager (WSM) Module provides uniformity over a wireless network for even geographically dispersed network. The WSM module uses several methods of authentication, one of which is the “Wireless Protocol”.

A stack buffer overflow vulnerability exists in WSM module of HPE Intelligent Management Center. The vulnerabilty occurs when a special message was sent when WSM is parsing it without validating the fields correctly. A remote, unauthenticated attacker could exploit this vulnerability to execute arbitrary code remotely on the target server in the context of SYSTEM or root. This vulnerability has been assigned by the Common Vulnerabilities and Exposures with ID CVE-2017-5804.

SonicWall threat research team has researched this vulnerability and released the following IPS signature:

  • IPS:12915 HPE Intelligent Management Center Buffer Overflow 5
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
FREAK: Attacking Export RSA Keys (March 4, 2015)
Current State of CoronaVirus related threats
Ramnit keeps coming back
Microsoft Security Bulletin Coverage (June 12, 2013)
FakeRansom: Deletes files then demands payment for nothing (Jul 15th, 2016)
Asterisk res_pjsip_pubsub Denial of Service (Jan 2, 2015)
OpenSSL X509 Certificate Vulnerabilities
BBVA Group phishing spam - New Banker Trojan (Nov 13, 2009)