Advisory Details

August 13th, 2013

Hewlett-Packard Network Node Manager I pmd.exe Remote Code Execution Vulnerability

ZDI-13-201
ZDI-CAN-1566

CVE ID CVE-2013-2351
CVSS SCORE 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)
AFFECTED VENDORS Hewlett-Packard
AFFECTED PRODUCTS iNode Management Center
VULNERABILITY DETAILS


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager i. Authentication is not required to exploit this vulnerability.

The specific flaw exists within pmd.exe, which listens by default on TCP port 162. By sending a specially crafted packet to the process, an attacker can provide a size to allocate an undersized buffer which will later be used for a memcpy. This vulnerability will cause a corruption of heap memory and allow for an attacker to execute code under the context of the process.

ADDITIONAL DETAILS Hewlett-Packard has issued an update to correct this vulnerability. More details can be found at:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03747342
DISCLOSURE TIMELINE
  • 2012-11-19 - Vulnerability reported to vendor
  • 2013-08-13 - Coordinated public release of advisory
CREDIT e6af8de8b1d4b2b6d5ba2610cbf9cd38
BACK TO ADVISORIES