ID HP_OPS_MANAGERI_HPSBMU03042.NASL Type nessus Reporter Tenable Modified 2015-09-04T00:00:00
Description
The HP Operations Manager i (OMi) installed on the remote host is version 9.1 or 9.2. It is, therefore, affected by an unspecified code execution vulnerability that allows an authenticated, remote attacker to execute arbitrary code by leveraging the OMi operator role.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(74253);
script_version("$Revision: 1.3 $");
script_cvs_date("$Date: 2015/09/04 19:55:21 $");
script_cve_id("CVE-2014-2607");
script_bugtraq_id(67570);
script_osvdb_id(107247);
script_xref(name:"HP", value:"emr_na-c04296442");
script_xref(name:"IAVB", value:"2014-B-0064");
script_xref(name:"HP", value:"HPSBMU03042");
script_xref(name:"HP", value:"SSRT101575");
script_name(english:"HP Operations Manager i (OMi) 9.1 / 9.2 RCE");
script_summary(english:"Checks HP Operations Manager i version / build.");
script_set_attribute(attribute:"synopsis", value:
"The remote host has an operations management application installed
that is affected by an unspecified code execution vulnerability.");
script_set_attribute(attribute:"description", value:
"The HP Operations Manager i (OMi) installed on the remote host is
version 9.1 or 9.2. It is, therefore, affected by an unspecified code
execution vulnerability that allows an authenticated, remote attacker
to execute arbitrary code by leveraging the OMi operator role.");
# https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04296442
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?87d5d6f0");
script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/archive/1/532177/30/0/threaded");
script_set_attribute(attribute:"solution", value:"Apply the vendor-supplied patch.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/05/20");
script_set_attribute(attribute:"patch_publication_date", value:"2014/05/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:hp:operations_manager_i");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.");
script_dependencies("hp_operations_manager_i_installed.nbin");
script_require_keys("SMB/HP Operations Manager i/Version", "SMB/HP Operations Manager i/Build", "SMB/HP Operations Manager i/Path");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
version = get_kb_item_or_exit("SMB/HP Operations Manager i/Version");
build = get_kb_item_or_exit("SMB/HP Operations Manager i/Build");
path = get_kb_item_or_exit("SMB/HP Operations Manager i/Path");
build_parts = split(build, sep:'.', keep:FALSE);
disp_version = version + ' Build ' + version + '.' + build_parts[0];
fixed_version = '';
if (version =~ '^09\\.1[0-3]($|\\.)' && int(build_parts[0]) < 739)
fixed_version = '09.13 Build 09.13.739';
else if (version =~ '^09\\.2[0-4]($|\\.)' && int(build_parts[0]) < 51)
fixed_version = '09.24 Build 09.24.051';
else
audit(AUDIT_INST_PATH_NOT_VULN, 'HP Operations Manager i', disp_version, path);
port = get_kb_item("SMB/transport");
if (!port) port = 445;
if (report_verbosity > 0)
{
report +=
'\n Path : ' + path +
'\n Installed version : ' + disp_version +
'\n Fixed version : ' + fixed_version +
'\n';
security_hole(port:port, extra:report);
}
else security_hole(port);
{"published": "2014-05-30T00:00:00", "id": "HP_OPS_MANAGERI_HPSBMU03042.NASL", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "history": [{"differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:06", "bulletin": {"enchantments": {}, "published": "2014-05-30T00:00:00", "id": "HP_OPS_MANAGERI_HPSBMU03042.NASL", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "history": [], "cpe": [], "hash": "856d2612a1458207ee6d6abdee456c4aa56d41d8af3e0083b20b905fc8753c20", "description": "The HP Operations Manager i (OMi) installed on the remote host is version 9.1 or 9.2. It is, therefore, affected by an unspecified code execution vulnerability that allows an authenticated, remote attacker to execute arbitrary code by leveraging the OMi operator role.", "type": "nessus", "pluginID": "74253", "lastseen": "2016-09-26T17:26:06", "edition": 1, "title": "HP Operations Manager i (OMi) 9.1 / 9.2 RCE", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74253", "modified": "2015-09-04T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": ["CVE-2014-2607"], "references": ["http://www.securityfocus.com/archive/1/532177/30/0/threaded", "http://www.nessus.org/u?87d5d6f0"], "naslFamily": "Windows", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74253);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/09/04 19:55:21 $\");\n\n script_cve_id(\"CVE-2014-2607\");\n script_bugtraq_id(67570);\n script_osvdb_id(107247);\n script_xref(name:\"HP\", value:\"emr_na-c04296442\");\n script_xref(name:\"IAVB\", value:\"2014-B-0064\");\n script_xref(name:\"HP\", value:\"HPSBMU03042\");\n script_xref(name:\"HP\", value:\"SSRT101575\");\n\n script_name(english:\"HP Operations Manager i (OMi) 9.1 / 9.2 RCE\");\n script_summary(english:\"Checks HP Operations Manager i version / build.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an operations management application installed\nthat is affected by an unspecified code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The HP Operations Manager i (OMi) installed on the remote host is\nversion 9.1 or 9.2. It is, therefore, affected by an unspecified code\nexecution vulnerability that allows an authenticated, remote attacker\nto execute arbitrary code by leveraging the OMi operator role.\");\n # https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04296442\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?87d5d6f0\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/532177/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Apply the vendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:operations_manager_i\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n\n script_dependencies(\"hp_operations_manager_i_installed.nbin\");\n script_require_keys(\"SMB/HP Operations Manager i/Version\", \"SMB/HP Operations Manager i/Build\", \"SMB/HP Operations Manager i/Path\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"SMB/HP Operations Manager i/Version\");\nbuild = get_kb_item_or_exit(\"SMB/HP Operations Manager i/Build\");\npath = get_kb_item_or_exit(\"SMB/HP Operations Manager i/Path\");\n\nbuild_parts = split(build, sep:'.', keep:FALSE);\ndisp_version = version + ' Build ' + version + '.' + build_parts[0];\n\nfixed_version = '';\nif (version =~ '^09\\\\.1[0-3]($|\\\\.)' && int(build_parts[0]) < 739)\n fixed_version = '09.13 Build 09.13.739';\nelse if (version =~ '^09\\\\.2[0-4]($|\\\\.)' && int(build_parts[0]) < 51)\n fixed_version = '09.24 Build 09.24.051';\nelse \n audit(AUDIT_INST_PATH_NOT_VULN, 'HP Operations Manager i', disp_version, path);\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\nif (report_verbosity > 0)\n{\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + disp_version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_hole(port:port, extra:report);\n}\nelse security_hole(port);\n", "hashmap": [{"hash": "aea23489ce3aa9b6406ebb28e0cda430", "key": "naslFamily"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "87513246dda606a0d7e7d106724c82e9", "key": "references"}, {"hash": "61239ec595150d52e5d5d20357c61084", "key": "published"}, {"hash": "ffd226be408c83331061dd97cdc80352", "key": "cvss"}, {"hash": "858249cf2b3331f562c442eddbb2f441", "key": "title"}, {"hash": "32018cae4815b25a4f56c669bbd0150a", "key": "description"}, {"hash": "458670a522291e4895b3fba3ad1e3098", "key": "pluginID"}, {"hash": "66fdfef2b35e0ae77689b0b6ac6edc26", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "572531288da2e80cd4d3dd70d4f635e8", "key": "sourceData"}, {"hash": "b6bb6b92c673d2aa27d8c654fd90d04a", "key": "cvelist"}, {"hash": "399367e0138962a3ef7b1142fac65281", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "objectVersion": "1.2"}}], "description": "The HP Operations Manager i (OMi) installed on the remote host is version 9.1 or 9.2. It is, therefore, affected by an unspecified code execution vulnerability that allows an authenticated, remote attacker to execute arbitrary code by leveraging the OMi operator role.", "hash": "3c96d13d2537a5034902365857bf723bbc93d8e53de75875549f794f0ac402cd", "enchantments": {"vulnersScore": 7.5}, "type": "nessus", "pluginID": "74253", "lastseen": "2017-10-29T13:43:33", "edition": 2, "cpe": ["cpe:/a:hp:operations_manager_i"], "title": "HP Operations Manager i (OMi) 9.1 / 9.2 RCE", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74253", "modified": "2015-09-04T00:00:00", "bulletinFamily": "scanner", "viewCount": 0, "cvelist": ["CVE-2014-2607"], "references": ["http://www.securityfocus.com/archive/1/532177/30/0/threaded", "http://www.nessus.org/u?87d5d6f0"], "naslFamily": "Windows", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74253);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/09/04 19:55:21 $\");\n\n script_cve_id(\"CVE-2014-2607\");\n script_bugtraq_id(67570);\n script_osvdb_id(107247);\n script_xref(name:\"HP\", value:\"emr_na-c04296442\");\n script_xref(name:\"IAVB\", value:\"2014-B-0064\");\n script_xref(name:\"HP\", value:\"HPSBMU03042\");\n script_xref(name:\"HP\", value:\"SSRT101575\");\n\n script_name(english:\"HP Operations Manager i (OMi) 9.1 / 9.2 RCE\");\n script_summary(english:\"Checks HP Operations Manager i version / build.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an operations management application installed\nthat is affected by an unspecified code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The HP Operations Manager i (OMi) installed on the remote host is\nversion 9.1 or 9.2. It is, therefore, affected by an unspecified code\nexecution vulnerability that allows an authenticated, remote attacker\nto execute arbitrary code by leveraging the OMi operator role.\");\n # https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04296442\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?87d5d6f0\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/532177/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Apply the vendor-supplied patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:operations_manager_i\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n\n script_dependencies(\"hp_operations_manager_i_installed.nbin\");\n script_require_keys(\"SMB/HP Operations Manager i/Version\", \"SMB/HP Operations Manager i/Build\", \"SMB/HP Operations Manager i/Path\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"SMB/HP Operations Manager i/Version\");\nbuild = get_kb_item_or_exit(\"SMB/HP Operations Manager i/Build\");\npath = get_kb_item_or_exit(\"SMB/HP Operations Manager i/Path\");\n\nbuild_parts = split(build, sep:'.', keep:FALSE);\ndisp_version = version + ' Build ' + version + '.' + build_parts[0];\n\nfixed_version = '';\nif (version =~ '^09\\\\.1[0-3]($|\\\\.)' && int(build_parts[0]) < 739)\n fixed_version = '09.13 Build 09.13.739';\nelse if (version =~ '^09\\\\.2[0-4]($|\\\\.)' && int(build_parts[0]) < 51)\n fixed_version = '09.24 Build 09.24.051';\nelse \n audit(AUDIT_INST_PATH_NOT_VULN, 'HP Operations Manager i', disp_version, path);\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\nif (report_verbosity > 0)\n{\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + disp_version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_hole(port:port, extra:report);\n}\nelse security_hole(port);\n", "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "e46631d5abc2a37db10405c4da10b59b", "key": "cpe"}, {"hash": "b6bb6b92c673d2aa27d8c654fd90d04a", "key": "cvelist"}, {"hash": "ffd226be408c83331061dd97cdc80352", "key": "cvss"}, {"hash": "32018cae4815b25a4f56c669bbd0150a", "key": "description"}, {"hash": "66fdfef2b35e0ae77689b0b6ac6edc26", "key": "href"}, {"hash": "399367e0138962a3ef7b1142fac65281", "key": "modified"}, {"hash": "aea23489ce3aa9b6406ebb28e0cda430", "key": "naslFamily"}, {"hash": "458670a522291e4895b3fba3ad1e3098", "key": "pluginID"}, {"hash": "61239ec595150d52e5d5d20357c61084", "key": "published"}, {"hash": "87513246dda606a0d7e7d106724c82e9", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "572531288da2e80cd4d3dd70d4f635e8", "key": "sourceData"}, {"hash": "858249cf2b3331f562c442eddbb2f441", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "objectVersion": "1.3"}
{"result": {"cve": [{"id": "CVE-2014-2607", "type": "cve", "title": "CVE-2014-2607", "description": "Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role.", "published": "2014-05-25T20:25:31", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2607", "cvelist": ["CVE-2014-2607"], "lastseen": "2016-09-03T20:17:03"}]}}
