
HP Operations Manager hidden Tomcat account

Description

Added: 06/18/2010
CVE: [CVE-2009-3843](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3843>)
BID: [37086](<http://www.securityfocus.com/bid/37086>)
OSVDB: [60317](<http://www.osvdb.org/60317>)

### Background

[HP Operations Manager](<https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-15-28_4000_100__>) is a consolidated event and performance management console that correlates infrastructure, network and end-user experience events across an IT infrastructure.

### Problem

A hidden Apache Tomcat account allows remote attackers to use the `org.apache.catalina.manager.HTMLManagerServlet` class to upload arbitrary files, leading to arbitrary code execution.

### Resolution

Apply the patch referenced in [HPSBMA02478 SSRT090251](<http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01931960>).

### References

<http://www.zerodayinitiative.com/advisories/ZDI-09-085/>

### Limitations

Exploit works on HP Operations Manager A.08.10 on Windows Server 2003 and Windows Server 2008.

### Platforms

Windows
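
An added defender-side check, not part of the original advisory or HP's patch: it lists accounts in a Tomcat user file that hold a Manager role but are not on an administrator-supplied allow-list. It assumes the deployment uses Tomcat's file-based user database (`conf/tomcat-users.xml`); the function name, the allow-list parameter and the sample accounts are hypothetical.

```python
import xml.etree.ElementTree as ET

# Role names that grant access to the Tomcat Manager application:
# "manager" (Tomcat 5.5/6) and the split manager-* roles (Tomcat 7+).
MANAGER_ROLES = {"manager", "manager-gui", "manager-script",
                 "manager-jmx", "manager-status"}


def _local(tag):
    """Strip an XML namespace; newer tomcat-users.xml files declare one."""
    return tag.rsplit("}", 1)[-1]


def audit_tomcat_users(xml_text, expected_admins=()):
    """Return accounts that can reach the Manager app but are not expected.

    expected_admins is a hypothetical allow-list of account names the
    administrator knowingly created.
    """
    root = ET.fromstring(xml_text)
    findings = []
    for elem in root.iter():
        if _local(elem.tag) != "user":
            continue
        # Older files use the "name" attribute, newer ones "username".
        name = elem.get("username") or elem.get("name") or ""
        roles = {r.strip() for r in elem.get("roles", "").split(",") if r.strip()}
        granted = sorted(roles & MANAGER_ROLES)
        if granted and name not in expected_admins:
            findings.append({"user": name, "manager_roles": granted})
    return findings


# Constructed sample file. The account names are placeholders, not the
# account described in the advisory.
SAMPLE = """<?xml version="1.0" encoding="utf-8"?>
<tomcat-users>
  <role rolename="manager"/>
  <user username="opsadmin" password="REDACTED" roles="manager"/>
  <user username="svc-unknown" password="REDACTED" roles="manager,admin"/>
  <user name="viewer" password="REDACTED" roles="tomcat"/>
</tomcat-users>
"""

if __name__ == "__main__":
    for f in audit_tomcat_users(SAMPLE, expected_admins={"opsadmin"}):
        print("unexpected Manager access: %(user)s %(manager_roles)s" % f)
```

Any account it reports that the administrator did not create should be treated as a finding to investigate once the vendor patch is applied.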

