Test ID:	1.3.6.1.4.1.25623.1.0.802386
Category:	Buffer overflow
Title:	HP Diagnostics Server 'magentservice.exe' Buffer Overflow Vulnerability
Summary:	HP Diagnostics Server is prone to a buffer overflow vulnerability.
Description:	Summary: HP Diagnostics Server is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to an error within the magentservice.exe process when processing a specially crafted request sent to TCP port 23472 and causing a stack-based buffer overflow. Vulnerability Impact: Successful exploitation may allow remote attackers to execute arbitrary code within the context of the application or cause a denial of service condition. Affected Software/OS: HP Diagnostics Server 9.00. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4789 BugTraq ID: 51398 http://www.securityfocus.com/bid/51398 HPdes Security Advisory: HPSBMU02785 http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03216705 HPdes Security Advisory: SSRT100526 http://zerodayinitiative.com/advisories/ZDI-12-016/ http://osvdb.org/78309
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.