HP Web-enabled Management Software HTTP Server Remote Overflow

2005-02-15T16:37:07
ID OSVDB:13843
Type osvdb
Reporter OSVDB
Modified 2005-02-15T16:37:07

Description

Vulnerability Description

A remote overflow exists in the HP Web-enabled Management Software HTTP server, running any Web Based Enterprise Management Agent or Utility that resides on TCP port 2301. The server fails to validate user supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service condition (server crash) or potentially execute arbitrary code.

Solution Description

Upgrade to version 5.96 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s):

Downloaded the patch file from hp; file is a self-extracting executable with a filename based on the Smart Component Number. Have all the associated files listed below in a single directory on your hard drive.

  SP29008.txt
  patchweb.bat
  findver.exe
  regtool.exe
  strexp.exe
  cpqhmmo2.fre
  cpqlogin.frm
  cpqopts.frm

From a DOS command shell change to that drive and directory and type:

  patchweb patch

This will replace the necessary files.

Short Description

A remote overflow exists in the HP Web-enabled Management Software HTTP server, running any Web Based Enterprise Management Agent or Utility that resides on TCP port 2301. The server fails to validate user supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service condition (server crash) or potentially execute arbitrary code.

References:

Vendor URL: http://www.hp.com/ Vendor Specific Advisory URL Security Tracker: 1013182 Secunia Advisory ID:14311 Other Advisory URL: http://h18004.www1.hp.com/products/servers/management/SSRT2310c.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-02/0235.html CVE-2005-4823 CIAC Advisory: p-141 Bugtraq ID: 12566