Vulnerabilities > CVE-2008-3538 - Remote Privilege Escalation vulnerability in HP Enterprise Discovery

047910
CVSS 9.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
hp
microsoft
critical

Summary

Unspecified vulnerability in HP Enterprise Discovery 2.0 through 2.52 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the initial description of this CVE was inadvertently associated with libxml2, but it should be for HP Enterprise Discovery.

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 30865 CVE ID: CVE-2008-3538 CNCVE ID:CNCVE-20083538 HP Enterprise Discovery是一款识别并了解数据中心或计算网络中正在运行的应用程序和进程的解决方案。 HP Enterprise Discovery存在一个未明安全问题,远程攻击者可以利用漏洞获得SYSTEM高特权,控制应用程序所在系统。 目前没有详细漏洞细节提供。 HP Enterprise Discovery 2.1.3 HP Enterprise Discovery 2.1.2 HP Enterprise Discovery 2.1.1 HP Enterprise Discovery 2.0.4 HP Enterprise Discovery 2.0.3 HP Enterprise Discovery 2.0.2 HP Enterprise Discovery 2.0.1 HP Enterprise Discovery 2.52 HP Enterprise Discovery 2.51 HP Enterprise Discovery 2.50 HP Enterprise Discovery 2.22 HP Enterprise Discovery 2.21 HP Enterprise Discovery 2.20 HP Enterprise Discovery 2.1 HP Enterprise Discovery 2.0 可参考如下链接获得补丁信息: <a href=http://support.openview.hp.com/selfsolve/ target=_blank>http://support.openview.hp.com/selfsolve/</a> 这些补丁需要手工安装,可参考如下包含安装指南的补丁文档: HP Enterprise Discovery Version 2.0 Patch Number HPED_00159 HP Enterprise Discovery Version 2.0.1 Patch Number HPED_00145 HP Enterprise Discovery Version 2.0.2 Patch Number HPED_00146 HP Enterprise Discovery Version 2.0.3 Patch Number HPED_00147 HP Enterprise Discovery Version 2.0.4 Patch Number HPED_00148 HP Enterprise Discovery Version 2.1 Patch Number HPED_00149 HP Enterprise Discovery Version 2.1.1 Patch Number HPED_00150 HP Enterprise Discovery Version 2.1.2 Patch Number HPED_00151 HP Enterprise Discovery Version 2.1.3 Patch Number HPED_00152 HP Enterprise Discovery Version 2.20 Patch Number HPED_00153 HP Enterprise Discovery Version 2.21 Patch Number HPED_00154 HP Enterprise Discovery Version 2.22 Patch Number HPED_00155 HP Enterprise Discovery Version 2.50 Patch Number HPED_00156 HP Enterprise Discovery Version 2.51 Patch Number HPED_00157 HP Enterprise Discovery Version 2.52 Patch Number HPED_00158
idSSV:3935
last seen2017-11-19
modified2008-08-28
published2008-08-28
reporterRoot
titleHP Enterprise Discovery未明远程特权提升漏洞