HP Operations Agent Opcode 0x34 vulnerability

2012-08-06T00:00:00
ID SAINT:49FC11550D2B9B0E5BCFAEC5B7ADC1FB
Type saint
Reporter SAINT Corporation
Modified 2012-08-06T00:00:00

Description

Added: 08/06/2012
CVE: CVE-2012-2019
BID: 54362
OSVDB: 83673

Background

HP Operations Agents is a fault and performance monitoring solution for servers.

Problem

A buffer overflow vulnerability in the **coda.exe** process, which listens on a random TCP port, could allow remote attackers to execute arbitrary code by sending a specially crafted GET request.

Resolution

Apply the patch referenced in HPSBMU02796 SSRT100594.

References

<http://www.zerodayinitiative.com/advisories/ZDI-12-114/>

Limitations

Exploit works on HP Operations Agent 11.00.

Platforms

Windows