Advisory Details

August 13th, 2013

Hewlett-Packard System Management iprange Parameter Remote Code Execution Vulnerability

ZDI-13-204
ZDI-CAN-1676

CVE ID CVE-2013-2362
CVSS SCORE 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
AFFECTED VENDORS Hewlett-Packard
AFFECTED PRODUCTS System Management
VULNERABILITY DETAILS


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP System Management. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of the iprange parameter when passed to /proxy/DataValidation in an HTTP request. Overflowing this parameter with data will cause a stack buffer overflow. An attacker can exploit this condition to gain remote code execution as SYSTEM.

ADDITIONAL DETAILS Hewlett-Packard has issued an update to correct this vulnerability. More details can be found at:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03839862
DISCLOSURE TIMELINE
  • 2013-01-08 - Vulnerability reported to vendor
  • 2013-08-13 - Coordinated public release of advisory
CREDIT agix
BACK TO ADVISORIES