A vulnerability in the TIBCO Hawk Monitoring Agent configuration interface may allow a local attacker to execute arbitrary code with elevated privileges.
TIBCO Hawk is a tool for monitoring and managing distributed applications and systems throughout an enterprise. A buffer overflow vulnerability has been discovered in the configuration interface to the TIBCO Hawk Monitoring Agent. According to the vendor, the following products are affected:
* TIBCO Hawk versions below 4.6.1
* TIBCO Runtime Agent (TRA) versions below 5.4
The following components are affected:
* TIBCO Hawk HMA (`tibhawkhma`)
A local attacker who is able to modify the configuration of the `tibhawkhma` program may be able to execute arbitrary code with administrative privileges. TIBCO states the following:
* If the tibhawkhma program is installed as suid root on a Unix system, a successful exploit will allow arbitrary code execution with root privileges.
* If the tibhawkhma program is installed as a system service on a Windows system, a successful exploit will allow arbitrary code execution with system service privileges.
TIBCO Software, Inc. has released an updated version of the affected software to address this vulnerability. Users are strongly encouraged to upgrade to TIBCO Hawk version 4.6.1 or later. More information can be found in the TIBCO Hawk Security Advisory FAQ for this issue.
TIBCO recommends that users who are not able to upgrade employ all of the following workarounds:
* Set the permissions of the `tibhawkhma` configuration file such that only the system administrator may write to the configuration file.
* Set the permissions of the `tibhawkhma` executable such that only the system administrator may launch the program.
* On Unix systems, set the permissions of the `tibhawkhma` executable such that it is not setuid.
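The three workarounds above are all file-permission changes, so they can be audited and applied with a short script. The following is an added example written for this note; it is not TIBCO's code, and the `tibhawkhma` and `tibhawkhma.cfg` paths it uses are constructed temporary files, not TIBCO's real install locations. It reads the `ls -l` mode string, reports which of the three conditions fail, and applies the corresponding `chmod` changes.

```shell
#!/bin/sh
# Added example (not from the CERT note or from TIBCO): audit and apply the
# three permission workarounds the advisory lists for a setuid agent binary
# and its configuration file. Paths in the demo are constructed temporary
# files; a real install would use TIBCO's own locations.

# mode_string FILE -> the ten-character permission field from ls, e.g. -rwsr-xr-x
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# char_at STRING POS -> the single character at 1-based position POS
char_at() {
    printf '%s' "$1" | cut -c"$2"
}

# check_config FILE: succeeds when neither group nor others may write the file
check_config() {
    m=$(mode_string "$1")
    [ "$(char_at "$m" 6)" = "-" ] && [ "$(char_at "$m" 9)" = "-" ]
}

# check_launch FILE: succeeds when neither group nor others may execute the file
check_launch() {
    m=$(mode_string "$1")
    [ "$(char_at "$m" 7)" = "-" ] && [ "$(char_at "$m" 10)" = "-" ]
}

# check_setuid FILE: succeeds when the setuid bit ('s' or 'S' in the owner
# execute position) is not set
check_setuid() {
    m=$(mode_string "$1")
    case "$(char_at "$m" 4)" in
        s|S) return 1 ;;
    esac
    return 0
}

# audit_hma BIN CONF: print one line per workaround; return 0 only if all hold
audit_hma() {
    bin=$1; conf=$2; status=0
    if check_config "$conf"; then echo "ok:   config writable only by owner ($conf)"
    else echo "FAIL: config writable by group or others ($conf)"; status=1; fi
    if check_launch "$bin"; then echo "ok:   binary executable only by owner ($bin)"
    else echo "FAIL: binary executable by group or others ($bin)"; status=1; fi
    if check_setuid "$bin"; then echo "ok:   binary is not setuid ($bin)"
    else echo "FAIL: binary is setuid ($bin)"; status=1; fi
    return $status
}

# harden_hma BIN CONF: apply the three workarounds (owner is root on a real install)
harden_hma() {
    chmod go-w "$2"     # config file: only the owner may write
    chmod u-s "$1"      # Unix: drop the setuid bit
    chmod go-rwx "$1"   # only the owner may launch the program
}

# Demo on constructed files in a temporary directory, not a real TIBCO install.
demo_dir=$(mktemp -d)
demo_bin="$demo_dir/tibhawkhma"; demo_conf="$demo_dir/tibhawkhma.cfg"
: > "$demo_bin"; : > "$demo_conf"
chmod 4755 "$demo_bin"   # setuid and world-executable: the layout the advisory warns about
chmod 666 "$demo_conf"   # world-writable configuration
echo "== before =="; audit_hma "$demo_bin" "$demo_conf" || true
harden_hma "$demo_bin" "$demo_conf"
echo "== after =="; audit_hma "$demo_bin" "$demo_conf"
rm -rf "$demo_dir"
```

On a real host the script would be pointed at the installed `tibhawkhma` binary and its configuration file and run as root, since only root can change the mode of root-owned files; `audit_hma` alone is safe to run as a read-only check from a monitoring job.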
This vulnerability was reported by TIBCO Software, Inc.
This document was written by Chad R Dougherty.
CVE IDs: None
Severity Metric: 20.04
Date Public: 2006-06-05
Date First Published: 2006-06-05
Date Last Updated: 2006-06-05 19:15 UTC
Document Revision: 14