Propust programskog paketa HP Onboard Administrator

Otkriven je sigurnosni propust u programskom paketu HP Onboard Administrator koji udaljenom napadaču omogućuje neovlašten pristup sustavu.

Paket:	HP Onboard Administrator 3.x
Operacijski sustavi:	Microsoft Windows Server 2003, Microsoft Windows Server 2008
Kritičnost:	5.6
Problem:	nepoznat
Iskorištavanje:	udaljeno
Posljedica:	neovlašteni pristup sustavu
Rješenje:	programska zakrpa proizvođača
CVE:	CVE-2011-3155
Izvorni ID preporuke:	HPSBMU02710
Izvor:	Hewlett Packard

Problem:
Uzrok propusta nije poznat.
Posljedica:
Udaljeni napadač mogao bi iskoristiti propust za dobivanje neovlaštenog pristupa sustavu.
Rješenje:
Korisnicima se savjetuje instalacija nadogradnje.

Izvorni tekst preporuke

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03048779

Version: 1
HPSBMU02710 SSRT100601 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2011-10-10

Last Updated: 2011-10-10

Potential Security Impact: Remote unauthorized access

Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY

A potential security vulnerability has been identified with HP Onboard Administrator (OA). The vulnerability could be exploited remotely to gain unauthorized access.

References: CVE-2011-3155
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

HP Onboard Administrator (OA) v3.21 up to and including v3.31
BACKGROUND

For a PGP signed version of this security bulletin please write to: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.

CVSS 2.0 Base Metrics
Reference
	
Base Vector
	
Base Score
CVE-2011-3155
	
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
	
6.4

Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION

HP has made the Onboard Administrator (OA) v3.32 or subsequent available to resolve the vulnerability.

Onboard Administrator (OA) v3.32 is available here:

http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareIndex.jsp?lang=en&cc=us&prodNameId=3188475&prodTypeId=329290&prodSeriesId=3188465&swLang=8&taskId=135&swEnvOID=1113

HISTORY
Version:1 (rev.1) - 10 October 2011 Initial release

Propust programskog paketa HP Onboard Administrator

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Propust programskog paketa HP Onboard Administrator

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti