The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of MicroFocus SiteScope

computer vulnerability bulletin CVE-2014-0107

Xalan-Java: vulnerabilities of FEATURE_SECURE_PROCESSING

Synthesis of the vulnerability

An attacker can use several vulnerabilities of the FEATURE_SECURE_PROCESSING implementation in Xalan-Java.
Impacted products: Xalan-Java, Debian, Fedora, SiteScope, Mule ESB, openSUSE, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 25/03/2014.
Identifiers: c05324755, CERTFR-2014-AVI-252, CERTFR-2014-AVI-365, CVE-2014-0107, DSA-2886-1, FEDORA-2014-4426, FEDORA-2014-4443, HPSBGN03669, oCERT-2014-002, openSUSE-SU-2014:0861-1, openSUSE-SU-2014:0948-1, RHSA-2014:0348-01, RHSA-2014:0453-01, RHSA-2014:0454-01, RHSA-2014:0590-01, RHSA-2014:0591-01, RHSA-2014:0818-01, RHSA-2014:0819-01, RHSA-2014:1007-01, RHSA-2014:1059-01, RHSA-2014:1290-01, RHSA-2014:1291-01, RHSA-2014:1351-01, RHSA-2014:1369-01, RHSA-2014:1995-01, RHSA-2015:1009, SUSE-SU-2014:0870-1, USN-2218-1, VIGILANCE-VUL-14468, XALANJ-2435.

Description of the vulnerability

The FEATURE_SECURE_PROCESSING (http://javax.xml.XMLConstants/feature/secure-processing) constant requires Xalan-Java to analyze XML files in a secure way, in order for example to block denial of service attacks. However, it is impacted by three vulnerabilities.

An attacker can access to XSLT 1.0 system-property(), in order to obtain sensitive information. [severity:2/4]

The xalan:content-handler and xalan:entities properties can be used to load a class or an external resource. [severity:2/4; XALANJ-2435]

If BSF (Bean Scripting Framework) is in the classpath, an attacker can open a JAR, in order to execute code. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2013-6207

HP SiteScope: command execution via loadFileContents

Synthesis of the vulnerability

An attacker can call the loadFileContents function of HP SiteScope, in order to execute a command on the server.
Impacted products: SiteScope.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 05/03/2014.
Identifiers: BID-65972, c03969435, CVE-2013-6207, HPSBMU02933, SSRT101126, VIGILANCE-VUL-14362, ZDI-14-043.

Description of the vulnerability

The HP SiteScope product has a SOAP interface, which is used for remote queries.

However, the SOAP API exposes the loadFileContents function, which is used to execute a command.

An attacker can therefore call the loadFileContents function of HP SiteScope, in order to execute a command on the server.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2014-0050

Apache Tomcat: denial of service via Apache Commons FileUpload

Synthesis of the vulnerability

An attacker can use a long Content-Type header, to generate an infinite loop in Apache Commons FileUpload or Apache Tomcat, in order to trigger a denial of service.
Impacted products: Tomcat, Debian, BIG-IP Hardware, TMOS, Fedora, SiteScope, Domino, QRadar SIEM, Tivoli Storage Manager, WebSphere AS Traditional, ePO, openSUSE, Oracle Communications, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Unix (platform) ~ not comprehensive, vCenter Server, VMware vSphere.
Severity: 3/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 06/02/2014.
Revision date: 13/02/2014.
Identifiers: 1667254, 1676656, 1680564, 1999395, 1999474, 1999478, 1999479, 1999488, 1999532, 2015814, BID-65400, c05324755, CERTFR-2014-AVI-200, CERTFR-2014-AVI-282, CERTFR-2014-AVI-368, CERTFR-2014-AVI-382, cpuoct2016, CVE-2014-0050, DSA-2856-1, DSA-2897-1, FEDORA-2014-2175, FEDORA-2014-2183, HPSBGN03669, MDVSA-2014:056, MDVSA-2015:084, openSUSE-SU-2014:0527-1, openSUSE-SU-2014:0528-1, RHSA-2014:0252-01, RHSA-2014:0253-01, RHSA-2014:0373-01, RHSA-2014:0400-03, RHSA-2014:0401-02, RHSA-2014:0429-01, RHSA-2014:0452-01, RHSA-2014:0459-01, RHSA-2014:0473-01, RHSA-2014:0525-01, RHSA-2014:0526-01, RHSA-2014:0527-01, RHSA-2014:0528-01, RHSA-2015:1009, SB10079, SOL15189, SUSE-SU-2014:0548-1, USN-2130-1, VIGILANCE-VUL-14183, VMSA-2014-0007, VMSA-2014-0007.1, VMSA-2014-0007.2, VMSA-2014-0008, VMSA-2014-0008.2, VMSA-2014-0012.

Description of the vulnerability

The Apache Commons FileUpload component manages the file upload feature. It is included in Apache Tomcat.

The HTTP Content-Type header indicates the type of the query body. However, if the size of this header is larger than 4091 bytes, the fileupload/MultipartStream.java class indefinitely tries to store data in an array which is too short.

An attacker can therefore use a long Content-Type header, to generate an infinite loop in Apache Commons FileUpload or Apache Tomcat, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2013-4835

HP SiteScope: command execution via issueSiebelCmd

Synthesis of the vulnerability

An attacker can call the issueSiebelCmd function of HP SiteScope, in order to execute a command on the server.
Impacted products: SiteScope.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 04/11/2013.
Identifiers: BID-63478, c03969435, CVE-2013-4835, HPSBMU02933, SSRT101126, VIGILANCE-VUL-13686, ZDI-13-263, ZDI-CAN-1765.

Description of the vulnerability

The HP SiteScope product has a SOAP interface, which is used for remote queries.

However, the SOAP API exposes the issueSiebelCmd function, which is used to execute a command.

An attacker can therefore call the issueSiebelCmd function of HP SiteScope, in order to execute a command on the server.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2013-2367

HP SiteScope: code execution via SOAP

Synthesis of the vulnerability

An attacker can use the SOAP feature of HP SiteScope, in order to execute code.
Impacted products: SiteScope.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 30/07/2013.
Revision date: 14/08/2013.
Identifiers: BID-61506, c03861260, CERTA-2013-AVI-446, CVE-2013-2367, HPSBGN02904, SSRT101073, VIGILANCE-VUL-13181, ZDI-13-205, ZDI-CAN-1678.

Description of the vulnerability

The HP SiteScope service supports SOAP queries.

However, the SOAP runOMAgentCommand message can be used to directly execute a shell command.

An attacker can use the SOAP feature of HP SiteScope, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2012-3259 CVE-2012-3260 CVE-2012-3261

HP SiteScope: six vulnerabilities

Synthesis of the vulnerability

An unauthenticated attacker can use several vulnerabilities of HP SiteScope, in order to execute privileged code.
Impacted products: SiteScope.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 6.
Creation date: 29/08/2012.
Identifiers: BID-55269, BID-55273, c03489683, CERTA-2012-AVI-517, CVE-2012-3259, CVE-2012-3260, CVE-2012-3261, CVE-2012-3262, CVE-2012-3263, CVE-2012-3264, HPSBMU02815, SSRT100715, SSRT100717, SSRT100718, SSRT100719, SSRT100720, VIGILANCE-VUL-11903, ZDI-12-173, ZDI-12-174, ZDI-12-175, ZDI-12-176, ZDI-12-177, ZDI-12-178, ZDI-CAN-1461, ZDI-CAN-1463, ZDI-CAN-1464, ZDI-CAN-1465, ZDI-CAN-1472.

Description of the vulnerability

Six vulnerabilities were announced in HP SiteScope.

An unauthenticated attacker can call the SOAP getSiteScopeConfiguration() function, in order to obtain the administrator password. [severity:3/4; ZDI-12-173]

An unauthenticated attacker can use the UploadFilesHandler url, in order to upload a script on the server. [severity:3/4; BID-55273, ZDI-12-174]

An unauthenticated attacker can call the SOAP create() function, in order to create a new user. [severity:3/4; ZDI-12-175]

An unauthenticated attacker can call the SOAP getFileInternal() function, in order to read the configuration, which contains passwords. [severity:3/4; ZDI-12-176]

An unauthenticated attacker can call the SOAP loadFileContent() function, in order to read configuration files, which contain passwords. [severity:3/4; ZDI-12-177]

An unauthenticated attacker can call the SOAP update() function, in order to change the administrator's password. [severity:3/4; ZDI-12-178]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 10957

HP SiteScope: two vulnerabilities

Synthesis of the vulnerability

An attacker can use two vulnerabilities of HP SiteScope, in order to read a file or to create a user.
Impacted products: SiteScope.
Severity: 3/4.
Consequences: privileged access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 29/08/2011.
Identifiers: BID-49345, VIGILANCE-VUL-10957.

Description of the vulnerability

A user cannot do administrative actions, because they are greyed in the HP SiteScope interface. However a direct query to the servlet can access them. This leads to two vulnerabilities.

An attacker can login on the integrationViewer account, and use a com.mercury.sitescope.ui.common.bean.tools.LogAnalysisToolBean object, in order to read a file. [severity:2/4]

An attacker can login on the integrationViewer account, and use a UserInstancePreferences object, in order to create a user. [severity:3/4]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2011-2400 CVE-2011-2401

HP SiteScope: two vulnerabilities

Synthesis of the vulnerability

An attacker can use two vulnerabilities of HP SiteScope, in order to create a Cross Site Scripting, or to access to a session.
Impacted products: SiteScope.
Severity: 3/4.
Consequences: user access/rights, client access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 28/07/2011.
Identifiers: BID-48913, BID-48916, c02940969, CERTA-2011-AVI-427, CVE-2011-2400, CVE-2011-2401, HPSBMU02692, SSRT100581, VIGILANCE-VUL-10877.

Description of the vulnerability

Two vulnerabilities were announced in HP SiteScope.

An attacker can create a Cross Site Scripting, in order to execute JavaScript code in user's web browser. [severity:2/4; BID-48913, CERTA-2011-AVI-427, CVE-2011-2400]

An attacker can force the value of the session variable, in order to access to a user's session. [severity:3/4; BID-48916, CVE-2011-2401]

An attacker can therefore use two vulnerabilities of HP SiteScope, in order to create a Cross Site Scripting, or to access to a session.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2011-1726 CVE-2011-1727

HP SiteScope: Cross Site Scripting

Synthesis of the vulnerability

An attacker can generate a Cross Site Scripting or inject HTML code in HP SiteScope.
Impacted products: SiteScope.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 22/04/2011.
Identifiers: BID-47554, c02807712, CERTA-2011-AVI-257, CVE-2011-1726, CVE-2011-1727, HPSBMA02667, SSRT100464, VIGILANCE-VUL-10597.

Description of the vulnerability

Two vulnerabilities were announced in HP SiteScope.

An attacker can create a Cross Site Scripting. [severity:2/4; CERTA-2011-AVI-257, CVE-2011-1726]

An attacker can inject HTML code. [severity:1/4; CVE-2011-1727]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about MicroFocus SiteScope: