Hewlett-Packard System Management iprange Parameter Remote Code Execution Vulnerability

ID ZDI-13-204
Type zdi
Reporter agix
Modified 2013-11-09T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP System Management. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of the iprange parameter when passed to /proxy/DataValidation in an HTTP request. Overflowing this parameter with data will cause a stack buffer overflow. An attacker can exploit this condition to gain remote code execution as SYSTEM.