504914 : HP Power Manager Remote Code Execution

Risk 5 : Miscellaneous

Vulnerabilities in the HP Power Manager could allow command execution.

HP Power Manager is a web-based application that enables administrators to manage a HP UPS from a browser-based management console.

formExportDataLogs Directory Traversal

01/28/10 CVE 2009-4000 A directory traversal vulnerability exists in HP Power Manager. The vulnerability is due to an input validation error while processing parameters sent to the formExportDataLogs form of the web based management web server. Remote unauthenticated attackers can exploit this vulnerability to overwrite arbitrary files with attacker-controlled data on the target system by sending malicious HTTP requests.

formExportDataLogs Buffer Overflow Vulnerability

01/27/10 CVE 2009-3999 A buffer overflow vulnerability exits in HP Power Manager. The vulnerability is due to insufficient bounds checking in the HP Power Manager while processing URL parameters in the formExportDataLogs form of the web based management web server. Remote unauthenticated attackers can exploit this vulnerability to inject and execute arbitrary code on the target system by sending malicious HTTP requests. In an attack scenario where code execution is successful the injected code will be executed within the security context of the SYSTEM user. An unsuccessful exploit attempt may terminate the affected service abnormally and result in a denial of service condition.

Remote Code Execution Vulnerability

11/10/09 CVE 2009-2685 A remote code execution vulnerability exists within HP Power Manager. The vulnerability is due to insufficient bounds checking in the HP Power Manager while processing URL parameters in the login form of the web based management web server. Remote unauthenticated attackers can exploit this vulnerability by sending malicious HTTP requests to the target. Successful exploitation could result in execution of arbitrary code within the security context of the service, normally SYSTEM. An unsuccessful exploit attempt may abnormally terminate the service.

The formExportDataLogs Directory Traversal vulnerability was reported in [http://www.securityfocus.com/bid/37873/] Bugtraq ID 37873.

The formExportDataLogs Buffer Overflow vulnerability was reported in [http://www.securityfocus.com/bid/37866/] Bugtraq ID 37866.

The Remote Code Execution vulnerability was reported in [http://www.securityfocus.com/bid/36933/] Bugtraq ID 36933.

Solution:
References:
CVSS Information:
Low Attack Complexity, Complete Confidentiality Impact, Complete Integrity Impact, Complete Availability Impact
Credit:
Saint Coorporation : 2010-06-22
New Search
Keywords
Risk Factor
Start Date
End Date
Browse