A security flaw has been identified in the HP Intelligent Management Center Endpoint Admission Defense and HP Intelligent Management Center User Access Manager software packages that allows an attacker to execute arbitrary code.
Package:
HP Intelligent Management Center Endpoint Admission Defense (EAD) 5.x, HP Intelligent Management Center User Access Manager (UAM) 5.x
Operating systems:
Microsoft Windows Server 2003, Microsoft Windows Server 2008, Red Hat Enterprise Linux 5
Severity:
7.4
Problem:
improper input validation, error in a software component
Exploitation:
local
Impact:
unauthorized system access, arbitrary code execution
Solution:
vendor patch
CVE:
CVE-2011-1867
Original advisory ID:
SA45129
Source:
Hewlett Packard
Problem:
The flaw is caused by improper handling of unspecified data sent to TCP port 9090, which results in a buffer overflow in "iNOdeMngChecker.exe".
Impact:
A malicious user can exploit the vulnerability to gain unauthorized access and run arbitrary code.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02901775
Version: 1
HPSB3C02687 SSRT100377 rev.1 - HP Intelligent Management Center User Access Manager (UAM) and Endpoint Admission Defense (EAD), Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-06-30
Last Updated: 2011-06-30
Potential Security Impact: Remote execution of arbitrary code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Intelligent Management Center User Access Manager (UAM) and Endpoint Admission Defense (EAD). The vulnerability could be exploited to allow remote execution of arbitrary code.
References:
CVE-2011-1867 (ZDI-CAN-1082)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Intelligent Management Center User Access Manager (UAM) 5.0 (E0101) or earlier.
HP Intelligent Management Center Endpoint Admission Defense (EAD) 5.0 (E0101) or earlier.
BACKGROUND
For a PGP signed version of this security bulletin please write to: [e-mail address protected]
CVSS 2.0 Base Metrics
Reference        Base Vector                     Base Score
CVE-2011-1867    (AV:N/AC:L/Au:N/C:C/I:C/A:C)    10.0
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
The Hewlett-Packard Company thanks Luigi Auriemma and TippingPoint ([e-mail address protected]) for reporting these vulnerabilities to [e-mail address protected].
RESOLUTION
HP has made an update available to resolve the vulnerabilities. The update can be downloaded from the following locations:
Product: HP Intelligent Management Center User Access Manager (UAM)
Version: IMC_UAM_5.0_SP1_E0101P03
Location: https://h10145.www1.hp.com/downloads/SoftwareReleases.aspx?ProductNumber=JF388A
Product: HP Intelligent Management Center Endpoint Admission Defense (EAD)
Version: IMC_EAD_5.0_SP1_E0101P03
Location: https://h10145.www1.hp.com/downloads/SoftwareReleases.aspx?ProductNumber=JF391A
HISTORY
Version:1 (rev.1) - 30 June 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.