The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of MicroFocus Operations

computer vulnerability alert CVE-2013-6191 CVE-2013-6192

HP Operations Orchestration: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of HP Operations Orchestration.
Impacted products: HP Operations.
Severity: 2/4.
Consequences: user access/rights, client access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 13/12/2013.
Identifiers: BID-64322, BID-64323, c04041093, CVE-2013-6191, CVE-2013-6192, HPSBGN02951, SSRT101342, VIGILANCE-VUL-13946.

Description of the vulnerability

Several vulnerabilities were announced in HP Operations Orchestration.

An attacker can trigger a Cross Site Scripting, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-64323, CVE-2013-6191]

An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:2/4; BID-64322, CVE-2013-6192]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2013-2071

Apache Tomcat: information disclosure via AsyncListener

Synthesis of the vulnerability

When a Tomcat application uses an AsyncListener which throws a RuntimeException exception, elements of the previous query can be transmitted to the client, who thus obtain potentially sensitive information.
Impacted products: Tomcat, Debian, Fedora, HP Operations, openSUSE, RHEL.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 13/05/2013.
Identifiers: 54178, BID-59798, c04125866, CVE-2013-2071, DSA-2897-1, FEDORA-2013-7993, FEDORA-2013-7999, HPSBMU02966, openSUSE-SU-2013:1306-1, RHSA-2013:1012-01, RHSA-2013:1013-01, VIGILANCE-VUL-12774.

Description of the vulnerability

The AsyncListener interface can be used to implement a class which is notified when an asynchronous event occurs.

The AsyncContextImpl class is used for AsyncListener. However, when a RuntimeException occurs, the Request object is not recycled.

When a Tomcat application uses an AsyncListener which throws a RuntimeException exception, elements of the previous query can thus be transmitted to the client, who therefore obtain potentially sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2012-3258

HP Operations Orchestration: code execution via RSScheduler

Synthesis of the vulnerability

An unauthenticated attacker can inject commands in the JDBC component of the RSScheduler service of HP Operations Orchestration, in order to execute code with system privileges.
Impacted products: OpenView, OpenView Operations, HP Operations.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: intranet client.
Creation date: 29/08/2012.
Identifiers: BID-55270, BID-55594, c03490339, CVE-2012-3258, HPSBMU02813, SSRT100712, VIGILANCE-VUL-11902, ZDI-12-172.

Description of the vulnerability

The JDBC component of the RSScheduler service of HP Operations Orchestration listens by default on port 9001/tcp.

However, an attacker can inject SQL data via JDBC. These data are then executed with privileges of the SYSTEM user.

An unauthenticated attacker can therefore inject commands in the JDBC component of the RSScheduler service of HP Operations Orchestration, in order to execute code with system privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability note 11884

HP Operations Agent for NonStop Server: code execution via HEALTH

Synthesis of the vulnerability

A network attacker can generate a buffer overflow in the HP Operations Agent for NonStop Server ELinkService, in order to execute code with system privileges.
Impacted products: HP Operations.
Severity: 3/4.
Consequences: administrator access/rights.
Provenance: intranet client.
Creation date: 23/08/2012.
Identifiers: BID-55161, VIGILANCE-VUL-11884, ZDI-12-165.

Description of the vulnerability

The HP Operations Agent for NonStop Server service uses the ELinkService process, which listens on ports 7771 and 8976 by default.

A network attacker can send a HEALTH packet, to generate a buffer overflow in the HP Operations Agent for NonStop Server ELinkService, in order to execute code with system privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2012-2019 CVE-2012-2020

HP Operations Agent, Performance Agent: code execution

Synthesis of the vulnerability

A remote attacker can use two vulnerabilities of HP Operations Agent and HP Performance Agent, in order to execute code.
Impacted products: OpenView, OpenView Operations, HP Operations, Performance Center.
Severity: 3/4.
Consequences: privileged access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 10/07/2012.
Revisions dates: 13/07/2012, 23/07/2012.
Identifiers: BID-54362, c03397769, CERTA-2012-AVI-374, CVE-2012-2019, CVE-2012-2020, HPSBMU02796, SSRT100594, SSRT100595, VIGILANCE-VUL-11749, ZDI-12-114, ZDI-12-115, ZDI-CAN-1325, ZDI-CAN-1326.

Description of the vulnerability

Two vulnerabilities were announced in HP Operations Agent and HP Performance Agent.

An unauthenticated attacker can use a GET query with a parameter with a large integer value for Opcode 0x34, in order to generate a buffer overflow in coda.exe. [severity:3/4; CVE-2012-2019, SSRT100594, ZDI-12-114, ZDI-CAN-1325]

An unauthenticated attacker can use a GET query with a parameter with a large integer value for Opcode 0x8C, in order to generate a buffer overflow in coda.exe. [severity:3/4; CVE-2012-2020, SSRT100595, ZDI-12-115, ZDI-CAN-1326]

A remote attacker can therefore use two vulnerabilities of HP Operations/Performance Agent, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2011-4160

HP Operations Agent, Performance Agent: access to a directory

Synthesis of the vulnerability

A local attacker can use a vulnerability of HP Operations Agent and Performance Agent on Unix, in order to access to a directory.
Impacted products: OpenView, OpenView Operations, HP Operations, Performance Center.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: user shell.
Creation date: 22/11/2011.
Identifiers: BID-50761, c03091656, CVE-2011-4160, HPSBMU02726, SSRT100685, VIGILANCE-VUL-11173.

Description of the vulnerability

The HP Operations Agent and Performance Agent products can be installed on Unix.

A local attacker can use a vulnerability of HP Operations Agent and Performance Agent on Unix, in order to access to a directory.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2011-2608

HP Performance Agent, Operations Agent: file deletion via ovbbccb.exe

Synthesis of the vulnerability

A remote attacker can request the ovbbccb.exe service to delete a file with system privileges.
Impacted products: HP Operations, Performance Center.
Severity: 2/4.
Consequences: data deletion.
Provenance: intranet client.
Creation date: 29/06/2011.
Identifiers: BID-48481, c02941034, CVE-2011-2608, HPSBMU02691, SSRT100483, VIGILANCE-VUL-10792.

Description of the vulnerability

The HP OpenView Communications Broker (ovbbccb.exe) service listens on port 383/tcp. It is installed with HP Performance Agent and Operations Agent.

A user can send a "Register" query to ask this service to register information about another service. This query indicates the name of the file containing information. When the registration is done, ovbbccb.exe deletes this file.

However, the attacker can indicate any filename (C:\important.ini or \\server\share\important.txt).

A remote attacker can therefore request the ovbbccb.exe service to delete a file with system privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2011-0893 CVE-2011-0894

HP Operations for UNIX: two vulnerabilities

Synthesis of the vulnerability

An attacker can use two vulnerabilities of HP Operations for UNIX, in order to create a Cross Site Scripting, or to access to data.
Impacted products: HP Operations.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, client access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 01/04/2011.
Identifiers: BID-47119, c02770049, CERTA-2011-AVI-185, CVE-2011-0893, CVE-2011-0894, HPSBMA02650, SSRT100429, VIGILANCE-VUL-10508.

Description of the vulnerability

Two vulnerabilities were announced in HP Operations for UNIX.

An attacker can use a Cross Site Scripting. [severity:2/4; CERTA-2011-AVI-185, CVE-2011-0893]

An attacker can access to data. [severity:3/4; CVE-2011-0894]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2010-3864

OpenSSL: code execution via TLS Extensions

Synthesis of the vulnerability

An attacker can use a TLS extension, in order to corrupt the memory of multi-threaded applications using OpenSSL and its internal caching feature.
Impacted products: ProxySG par Blue Coat, SGOS by Blue Coat, Debian, Fedora, FreeBSD, HP Operations, Performance Center, HP-UX, AIX, Tivoli Workload Scheduler, Mandriva Linux, NetBSD, OpenBSD, OpenSolaris, OpenSSL, openSUSE, RHEL, Slackware, StoneGate Firewall, SLES, ESX, ESXi, vCenter Server, VirtualCenter, VMware vSphere, VMware vSphere Hypervisor.
Severity: 3/4.
Consequences: user access/rights.
Provenance: internet client.
Creation date: 17/11/2010.
Identifiers: 1643316, 649304, BID-44884, c02737002, c03179825, CERTA-2002-AVI-272, CERTA-2010-AVI-555, CERTA-2011-AVI-242, CERTA-2011-AVI-294, CERTA-2012-AVI-056, CVE-2010-3864, DSA-2125-1, FEDORA-2010-17826, FEDORA-2010-17827, FEDORA-2010-17847, FreeBSD-SA-10:10.openssl, HPSBGN02740, HPSBUX02638, MDVSA-2010:238, NetBSD-SA2010-012, openSUSE-SU-2010:0965-1, openSUSE-SU-2010:0965-2, RHSA-2010:0888-01, SA68, SSA:2010-326-01, SSRT100339, SSRT100741, SUSE-SR:2010:022, VIGILANCE-VUL-10130, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2.

Description of the vulnerability

Since its version 0.9.8f, OpenSSL supports the TLS SNI (Server Name Indication) extension. It is enabled if OpenSSL is compiled with the "enable-tlsext" option (enabled by default since version 0.9.8k).

The SSL session caching feature saves sessions, to be reused later. An application can enable it with the SSL_CTX_set_session_cache_mode() function. For example, Apache httpd does not enable it.

When a multi-thread application uses OpenSSL, the ssl/t1_lib.c file does not lock the caching of TLS SNI. An attacker can therefore open two simultaneous sessions, so a double caching is tried, which corrupts the memory.

An attacker can therefore use a TLS extension, in order to corrupt the memory of multi-threaded applications using OpenSSL and its internal caching feature.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2010-3985

HP Operations Orchestration: Cross Site Scripting

Synthesis of the vulnerability

An attacker can generate a Cross Site Scripting in HP Operations Orchestration.
Impacted products: HP Operations.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 21/10/2010.
Identifiers: BID-44331, c02541822, CVE-2010-3985, HPSBMA02588, SSRT100001, VIGILANCE-VUL-10063.

Description of the vulnerability

An attacker can generate a Cross Site Scripting in HP Operations Orchestration.

This Cross Site Scripting impacts users of Microsoft Internet Explorer 6.0.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.