logo
DATABASE RESOURCES PRICING ABOUT US

HP ProCurve Manager SNAC UpdateCertificatesServlet FileName Vulnerability

Description

Added: 10/03/2013 CVE: [CVE-2013-4812](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4812>) BID: [62348](<http://www.securityfocus.com/bid/62348>) OSVDB: [97155](<http://www.osvdb.org/97155>) ### Background HP ProCurve Manager (PCM) is a secure, advanced Windows-based network management platform that allows administrators to configure, update, monitor, and troubleshoot ProCurve devices centrally. ### Problem The SNAC registration server in HP ProCurve Manager (PCM) is vulnerable to remote code execution. The issue is due to the `**UpdateCertificatesServlet**` servlet not properly sanitizing the fileName argument. By uploading a crafted JSP file, a remote attacker could execute code under the context of the SYSTEM user. ### Resolution Update as directed in [HP Security Bulletin HPSBPV02918](<https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03897409>). ### References <http://www.zerodayinitiative.com/advisories/ZDI-13-225/> ### Limitations Exploit works on HP ProCurve Manager 4.0 on Windows Server 2003 SP2 English (DEP OptOut) and Windows Server 2008 SP2 (DEP OptOut). ### Platforms Windows


Related