Executive Summary

Summary
Title HP System Management Homepage vulnerable to a denial-of-service condition
Informations
Name VU#895524 First vendor Publication 2013-09-24
Vendor VU-CERT Last vendor Modification 2013-09-24
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Cvss Base Score 4 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#895524

HP System Management Homepage vulnerable to a denial-of-service condition

Original Release date: 24 Sep 2013 | Last revised: 24 Sep 2013

Overview

HP System Management Homepage 7.2.0.14 and possibly earlier versions contain a denial-of-service vulnerability (CWE-121).

Description

CWE-121: Stack-based Buffer Overflow

HP System Management Homepage 7.2.0.14 contains a denial-of-service vulnerability. The remote attacker may send the listener service a malformed request using the iprange parameter in /proxy/DataValidation. One of the listener child processes will then crash with that request value, overwriting EIP and corrupting the stack, resulting in a denial-of-service condition.

Impact

A remote attacker may be able to cause a denial-of-service condition against the HP System Management Homepage software.

Solution

HP has made System Management Homepage (SMH) v7.2.1 available for Windows and Linux to resolve the vulnerabilities. In the event that updating is not possible, the following workaround is also available.

Limit Access
Anonymous access is required for this attack to take place. Disabling this feature via the administration page will render the attacker unable to send this request without having proper authentication credentials.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Hewlett-Packard CompanyAffected28 Jun 201320 Sep 2013
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base5.6AV:N/AC:H/Au:S/C:N/I:P/A:C
Temporal4.4E:POC/RL:OF/RC:C
Environmental3.3CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

  • http://cwe.mitre.org/data/definitions/121.html
  • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03839862
  • http://h18013.www1.hp.com/products/servers/management/agents/index.html

Credit

Thanks to the reporter that wishes to remain anonymous.

This document was written by Adam Rauf.

Other Information

  • CVE IDs:CVE-2013-4821
  • Date Public:18 Sep 2013
  • Date First Published:24 Sep 2013
  • Date Last Updated:24 Sep 2013
  • Document Revision:13

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/895524

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 89

Nessus® Vulnerability Scanner

Date Description
2013-07-23 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_2_1_0.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 12:08:15
  • Multiple Updates
2013-09-24 17:19:08
  • First insertion