Vulnerabilities > CVE-2008-3538 - Remote Privilege Escalation vulnerability in HP Enterprise Discovery

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

microsoft

critical

NVD

Published: 2008-09-02

Updated: 2017-08-08

Summary

Unspecified vulnerability in HP Enterprise Discovery 2.0 through 2.52 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the initial description of this CVE was inadvertently associated with libxml2, but it should be for HP Enterprise Discovery.

Vulnerable Configurations

Part	Description	Count
Application	Hp HP Enterprise Discovery 2.0 HP Enterprise Discovery 2.0.1 HP Enterprise Discovery 2.0.2 HP Enterprise Discovery 2.0.3 HP Enterprise Discovery 2.0.4 HP Enterprise Discovery 2.1 HP Enterprise Discovery 2.1.1 HP Enterprise Discovery 2.1.2 HP Enterprise Discovery 2.1.3 HP Enterprise Discovery 2.20 HP Enterprise Discovery 2.21 HP Enterprise Discovery 2.22 HP Enterprise Discovery 2.50 HP Enterprise Discovery 2.51 HP Enterprise Discovery 2.52	15
OS	Microsoft Microsoft Windows *	1

Seebug

bulletinFamily	exploit
description	BUGTRAQ ID: 30865 CVE ID: CVE-2008-3538 CNCVE ID：CNCVE-20083538 HP Enterprise Discovery是一款识别并了解数据中心或计算网络中正在运行的应用程序和进程的解决方案。 HP Enterprise Discovery存在一个未明安全问题，远程攻击者可以利用漏洞获得SYSTEM高特权，控制应用程序所在系统。目前没有详细漏洞细节提供。 HP Enterprise Discovery 2.1.3 HP Enterprise Discovery 2.1.2 HP Enterprise Discovery 2.1.1 HP Enterprise Discovery 2.0.4 HP Enterprise Discovery 2.0.3 HP Enterprise Discovery 2.0.2 HP Enterprise Discovery 2.0.1 HP Enterprise Discovery 2.52 HP Enterprise Discovery 2.51 HP Enterprise Discovery 2.50 HP Enterprise Discovery 2.22 HP Enterprise Discovery 2.21 HP Enterprise Discovery 2.20 HP Enterprise Discovery 2.1 HP Enterprise Discovery 2.0 可参考如下链接获得补丁信息： <a href=http://support.openview.hp.com/selfsolve/ target=_blank>http://support.openview.hp.com/selfsolve/</a> 这些补丁需要手工安装，可参考如下包含安装指南的补丁文档： HP Enterprise Discovery Version 2.0 Patch Number HPED_00159 HP Enterprise Discovery Version 2.0.1 Patch Number HPED_00145 HP Enterprise Discovery Version 2.0.2 Patch Number HPED_00146 HP Enterprise Discovery Version 2.0.3 Patch Number HPED_00147 HP Enterprise Discovery Version 2.0.4 Patch Number HPED_00148 HP Enterprise Discovery Version 2.1 Patch Number HPED_00149 HP Enterprise Discovery Version 2.1.1 Patch Number HPED_00150 HP Enterprise Discovery Version 2.1.2 Patch Number HPED_00151 HP Enterprise Discovery Version 2.1.3 Patch Number HPED_00152 HP Enterprise Discovery Version 2.20 Patch Number HPED_00153 HP Enterprise Discovery Version 2.21 Patch Number HPED_00154 HP Enterprise Discovery Version 2.22 Patch Number HPED_00155 HP Enterprise Discovery Version 2.50 Patch Number HPED_00156 HP Enterprise Discovery Version 2.51 Patch Number HPED_00157 HP Enterprise Discovery Version 2.52 Patch Number HPED_00158
id	SSV:3935
last seen	2017-11-19
modified	2008-08-28
published	2008-08-28
reporter	Root
title	HP Enterprise Discovery未明远程特权提升漏洞

Summary

Vulnerable Configurations

Seebug

References