Propust vezan uz HP Diagnostics

Otkriven je sigurnosni propust vezan uz HP Diagnostics kojeg zlonamjerni korisnici mogu iskoristiti za pokretanje proizvoljnog programskog koda.

Paket:	HP Diagnostics 9.x
Operacijski sustavi:	Apple Mac OS X 10, Apple Mac OS X 10.1, Apple Mac OS X 10.2, Apple Mac OS X 10.3, Apple Mac OS X 10.4, Apple Mac OS X 10.5, Apple Mac OS X 10.6, Apple Mac OS X 10.7, Debian Linux 4.0 (etch), Debian Linux 5.0 (lenny), Debian Linux 6.0 (squeeze), Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Me, Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows 7, Nepoznat , openSUSE 10.2, openSUSE 10.3, openSUSE 11.0, openSUSE 11.1, openSUSE 11.2, openSUSE 11.3, openSUSE 11.4, openSUSE 12.1, Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3, Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, Sun Solaris 7, Sun Solaris 8, Sun Solaris 9, Sun Solaris 10, SUSE 10, SUSE 11, Ubuntu Linux 11.0, Ubuntu Linux 5.04, Ubuntu Linux 5.10, Ubuntu Linux 6.06, Ubuntu Linux 6.10, Ubuntu Linux 7.04, Ubuntu Linux 7.10, Ubuntu Linux 8.04, Ubuntu Linux 8.10, Ubuntu Linux 9.04, Ubuntu Linux 9.10, Ubuntu Linux 10.04, Ubuntu Linux 10.10, Ubuntu Linux 11.04, Ubuntu Linux 11.10
Kritičnost:	10
Problem:	pogreška u programskoj komponenti, preljev međuspremnika
Iskorištavanje:	udaljeno
Posljedica:	proizvoljno izvršavanje programskog koda
Rješenje:	ne postoji zakrpa
CVE:	CVE-2011-4789
Izvorni ID preporuke:	SA47574
Izvor:	Secunia

Problem:
Propust je posljedica pogreške u komponenti "magentservice.exe", a javlja se kod obrade pojedinih zahtjeva.
Posljedica:
Udaljeni zlonamjerni korisnik može iskoristiti navedeni propust za izvršavanje proizvoljnog programskog koda podmetanjem posebno oblikovanog zahtjeva poslanog na TCP priključak 23472.
Rješenje:
Preporuča se ograničiti pristup samo na provjerene korisnike.

Izvorni tekst preporuke

HP Diagnostics magentservice.exe Buffer Overflow Vulnerability
Secunia Advisory 	SA47574 	
Release Date 	2012-01-16
Criticality level 	Moderately criticalModerately critical
Impact 	System access
Where 	From local network
Authentication level 	Available in Customer Area
  	 
Report reliability 	Available in Customer Area
Solution Status 	Unpatched
  	 
Systems affected 	Available in Customer Area
Approve distribution 	Available in Customer Area
Remediation status 	Secunia VIM
  	 
Software:	
	HP Diagnostics 9.x

Secunia CVSS Score 	Available in Customer Area
CVE Reference(s) 	No CVE references.

	   	

Description

A vulnerability has been reported in HP Diagnostics, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error within the magentservice.exe process when processing certain requests. This can be exploited to cause a stack-based buffer overflow via a specially crafted request sent to TCP port 23472.

The vulnerability is reported in version 9.00. Other versions may also be affected.

Solution
Restrict access to trusted hosts only.

Provided and/or discovered by
AbdulAziz Hariri via ZDI.

Original Advisory
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-12-016/

Propust vezan uz HP Diagnostics

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Propust vezan uz HP Diagnostics

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti