Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system.
598b773c249af4228a7c112039d439c203d4c73f644fd92804a49573caa1f017
----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS
http://secunia.com/blog/71/
----------------------------------------------------------------------
TITLE:
HP Power Manager "formExportDataLogs" Two Vulnerabilities
SECUNIA ADVISORY ID:
SA37280
VERIFY ADVISORY:
http://secunia.com/advisories/37280/
DESCRIPTION:
Secunia Research has discovered two vulnerabilities in HP Power
Manager, which can be exploited by malicious people to compromise a
vulnerable system.
1) A boundary error exists when processing parameters sent to the
/goform/formExportDataLogs URL. This can be exploited to cause a
stack-based buffer overflow via an overly long "fileName" parameter
sent to the affected URL.
2) An input sanitation error exists when handling "fileName"
parameters passed to the /goform/formExportDataLogs URL. This can be
exploited to overwrite arbitrary files with almost arbitrary data via
directory traversal attacks.
Successful exploitation of the vulnerabilities allows execution of
arbitrary code.
The vulnerabilities are confirmed in version 4.2.9. Other versions
may also be affected.
SOLUTION:
Update to version 4.2.10.
http://h18004.www1.hp.com/products/servers/proliantstorage/power-protection/software/power-manager/pm3-dl.html
PROVIDED AND/OR DISCOVERED BY:
Alin Rad Pop, Secunia Research
ORIGINAL ADVISORY:
Secunia Research:
http://secunia.com/secunia_research/2009-47/
http://secunia.com/secunia_research/2009-48/
HP (HPSBMA02485 SSRT090252):
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01971741
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------