Source: SAINT Corporation
ID: SAINT:94DD62E7D4C2602EDF0704F85789EDD0
Date: Jun 18, 2010 - 12:00 a.m.

HP Operations Manager hidden Tomcat account

CVSS2: 10 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 0.906 High
Percentile: 98.5%

Added: 06/18/2010
CVE: CVE-2009-3843
BID: 37086
OSVDB: 60317

Background

HP Operations Manager is a consolidated event and performance management console that correlates infrastructure, network and end-user experience events across an IT infrastructure.

Problem

A hidden Apache Tomcat account allows remote attackers to use the org.apache.catalina.manager.HTMLManagerServlet class to upload arbitrary files, leading to arbitrary code execution.

Resolution

Apply the patch referenced in HPSBMA02478 SSRT090251.
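
An added example, not part of the SAINT advisory or HP's patch: a Python audit that lists every account able to reach the Tomcat Manager application named in the Problem section, including access inherited through a group, so that unexpected accounts stand out. It assumes Tomcat's file-based user database (conf/tomcat-users.xml); the sample file, its account names and the approved list are constructed.

```python
import xml.etree.ElementTree as ET

# Roles that grant access to the Tomcat Manager application: "manager" is the
# single role in Tomcat 5.5/6, the manager-* roles were introduced in Tomcat 7.
MANAGER_ROLES = {"manager", "manager-gui", "manager-script",
                 "manager-jmx", "manager-status"}

def _split(value):
    """Split a comma-separated attribute into a set of trimmed names."""
    return {v.strip() for v in (value or "").split(",") if v.strip()}

def _local(tag):
    """Drop an XML namespace prefix such as {http://tomcat.apache.org/xml}."""
    return tag.rsplit("}", 1)[-1]

def manager_accounts(xml_text, approved=frozenset()):
    """Return {username: sorted manager roles} for accounts not in `approved`."""
    root = ET.fromstring(xml_text)
    group_roles, users = {}, []
    for el in root.iter():
        tag = _local(el.tag)
        if tag == "group":
            group_roles[el.get("groupname")] = _split(el.get("roles"))
        elif tag == "user":
            users.append(el)
    findings = {}
    for el in users:
        name = el.get("username") or el.get("name")  # "name" is the legacy attribute
        roles = _split(el.get("roles"))
        for group in _split(el.get("groups")):       # roles inherited via groups
            roles |= group_roles.get(group, set())
        hits = roles & MANAGER_ROLES
        if hits and name not in approved:
            findings[name] = sorted(hits)
    return findings

# Constructed sample file; account names and passwords are made up.
SAMPLE = """<tomcat-users>
  <role rolename="manager"/>
  <group groupname="ops" roles="manager-script"/>
  <user username="admin" password="REDACTED" roles="manager,admin"/>
  <user username="svc_hidden" password="REDACTED" roles="tomcat, manager"/>
  <user username="deploy" password="REDACTED" groups="ops"/>
  <user username="viewer" password="REDACTED" roles="tomcat"/>
</tomcat-users>"""

if __name__ == "__main__":
    for user, roles in manager_accounts(SAMPLE, approved={"admin"}).items():
        print(f"unapproved manager access: {user} -> {', '.join(roles)}")
```

Any account reported here that administrators did not create themselves deserves investigation, whether or not the vendor patch has been applied.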

References

<http://www.zerodayinitiative.com/advisories/ZDI-09-085/>

Limitations

Exploit works on HP Operations Manager A.08.10 on Windows Server 2003 and Windows Server 2008.

Platforms

Windows
