vulnerability bulletin CVE-2012-0127
HP Performance Manager: code execution
Synthesis of the vulnerability
A remote attacker can use the PMParamHandler parameter of HP Performance Manager, in order to create a file with system privileges, which leads to code execution.Impacted products:
Performance Center, HP-UX.
BID-52749, c03255321, CERTA-2012-AVI-178, CVE-2012-0127, HPSBMU02756, SSRT100596, VIGILANCE-VUL-11498, ZDI-12-100, ZDI-CAN-1340.
Description of the vulnerability
The HP Performance Manager product uses a Tomcat server listening on port 8081/tcp.
However, the web service does not check if the PMParamHandler parameter indicates a file located outside the root of the web site. It also does not check if it contains a '\0' character, which can be used to prematurely stop the processing of the filename, and thus to change its extension.
A remote attacker can therefore use the PMParamHandler parameter of HP Performance Manager, in order to create a file with system privileges, which leads to code execution.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides an applications vulnerabilities alert
. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.