
HP System Management Homepage iprange parameter command execution

Description

Added: 04/12/2013

BID: [58817](<http://www.securityfocus.com/bid/58817>)

OSVDB: [91812](<http://www.osvdb.org/91812>)

### Background

[HP System Management Homepage](<http://h18004.www1.hp.com/products/servers/management/agents/>) (SMH) is a web-based interface that consolidates the management of ProLiant and Integrity servers.

### Problem

A vulnerability in HP SMH allows command execution when an attacker requests `/proxy/DataValidation` with a specially crafted `iprange` parameter.

### Resolution

[Upgrade](<http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=428936&swItem=MTX-df3d68cc03364ce78f1987b83b&prodNameId=3288114&swEnvOID=4006&swLang=8&taskId=135&mode=5>) to HP SMH 7.2.0-14 or higher.

### References

<http://www.securityfocus.com/bid/58817>

### Limitations

Exploit works on HP System Management Homepage 7.1.1-1 on CentOS 6 (Exec-Shield Enabled).

HP System Management must be configured with Anonymous access enabled in order for this exploit to succeed.

This exploit requires the IO-Socket-SSL Perl module.

### Platforms

Linux