A security flaw has been discovered in the HP Operations Agent for NonStop software package. It can be exploited locally to execute arbitrary code.
Package:
HP Operations Agent for NonStop 5.x
Operating systems:
HP-UX 10.x, HP-UX 11.x
Problem:
error in a software component
Exploitation:
local
Consequence:
arbitrary code execution
Solution:
no patch available
Original advisory ID:
SA50332
Source:
Secunia
Problem:
The flaw is caused by an error in the ELinkService service and manifests when parsing HEALTH packets sent to TCP port 7771 or 8976.
Consequence:
It allows attackers to execute arbitrary code.
HP Operations Agent for NonStop HEALTH Packet Parsing Buffer Overflow Vulnerability
Secunia Advisory SA50332
Release Date 2012-08-23
Criticality level Moderately critical
Impact System access
Where From local network
Solution Status Unpatched
Software:
HP Operations Agent for NonStop 5.x
CVE Reference(s) No CVE references.
Description
A vulnerability has been reported in HP Operations Agent for NonStop, which can be exploited by malicious people to compromise a vulnerable system.
A boundary error within the ELinkService process when parsing a HEALTH packet can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to TCP ports 7771 or 8976.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in version 5.01. Other versions may also be affected.
Solution
No official solution is currently available.
Provided and/or discovered by
e6af8de8b1d4b2b6d5ba2610cbf9cd38 via ZDI.
Original Advisory
http://www.zerodayinitiative.com/advisories/ZDI-12-165/