A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password combination can cause a portion of the authentication routine to overflow its stack, resulting in stack corruption.
Advisories
Source ID Title
EUVD EUVD EUVD-2017-12891 A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. An attacker providing a crafted user ID and password combination can cause a portion of the authentication routine to overflow its stack, resulting in stack corruption.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: lenovo

Published:

Updated: 2024-09-16T16:48:19.094Z

Reserved: 2016-12-16T00:00:00

Link: CVE-2017-3774

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-04-19T14:29:00.357

Modified: 2024-11-21T03:26:06.600

Link: CVE-2017-3774

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.