Uočena je sigurnosna nepravilnost vezana uz HP StorageWorks P4000 Virtual SAN Appliance Software koja može rezultirati izvođenjem proizvoljnog programskog koda. Ranjivost u radu je uzrokovana komponentom "hydra.exe" koja nepravilno obrađuje ulazne korisničke podatke, a kao posljedica se javlja pojava prepisivanja spremnika gomile (eng. stack-based buffer). Udaljeni napadač može iskoristiti sigurnosni propust te izvesti proizvoljan programski kod. Zlouporaba uključuje podmetanje znakovnog niza velike duljine i slanje na TCP priključak 13838. Svim se korisnicima savjetuje pravovremena instalacija dostupne programske nadogradnje.
HP StorageWorks P4000 Virtual SAN Appliance Software Buffer Overflow
Secunia Advisory SA43876
Release Date 2011-03-24
Criticality level Moderately criticalModerately critical
Impact System access
Where From local network
Authentication level Available in Customer Area
Report reliability Available in Customer Area
Solution Status Unpatched
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Software:
HP StorageWorks P4000 Virtual SAN Appliance Software 8.x
Secunia CVSS Score Available in Customer Area
CVE Reference(s) No CVE references.
Description
A vulnerability has been reported in HP StorageWorks P4000 Virtual SAN Appliance Software, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error within hydra.exe when parsing a login request. This can be exploited to cause a stack-based buffer overflow via an overly long string sent to TCP port 13838.
Successful exploitation may allow execution of arbitrary code.
Solution
Restrict access to trusted hosts only.
Provided and/or discovered by
Nicolas Gregoire, Agarri via ZDI.
Original Advisory
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-11-111/
Posljednje sigurnosne preporuke