The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

threat alert CVE-2012-2019 CVE-2012-2020

HP Operations Agent, Performance Agent: code execution

Synthesis of the vulnerability

A remote attacker can use two vulnerabilities of HP Operations Agent and HP Performance Agent, in order to execute code.
Severity of this announce: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 10/07/2012.
Revisions dates: 13/07/2012, 23/07/2012.
Références of this computer vulnerability: BID-54362, c03397769, CERTA-2012-AVI-374, CVE-2012-2019, CVE-2012-2020, HPSBMU02796, SSRT100594, SSRT100595, VIGILANCE-VUL-11749, ZDI-12-114, ZDI-12-115, ZDI-CAN-1325, ZDI-CAN-1326.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Two vulnerabilities were announced in HP Operations Agent and HP Performance Agent.

An unauthenticated attacker can use a GET query with a parameter with a large integer value for Opcode 0x34, in order to generate a buffer overflow in coda.exe. [severity:3/4; CVE-2012-2019, SSRT100594, ZDI-12-114, ZDI-CAN-1325]

An unauthenticated attacker can use a GET query with a parameter with a large integer value for Opcode 0x8C, in order to generate a buffer overflow in coda.exe. [severity:3/4; CVE-2012-2020, SSRT100595, ZDI-12-115, ZDI-CAN-1326]

A remote attacker can therefore use two vulnerabilities of HP Operations/Performance Agent, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

This computer vulnerability bulletin impacts software or systems such as OpenView, OpenView Operations, HP Operations, Performance Center.

Our Vigil@nce team determined that the severity of this vulnerability bulletin is important.

The trust level is of type confirmed by the editor, with an origin of intranet client.

This bulletin is about 2 vulnerabilities.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a beginner ability can exploit this threat note.

Solutions for this threat

HP Operations Agent, Performance Agent: corrected versions and patches.
The version HP Operations Agent 11.02 is corrected.
For versions HP Operations Agent 11.x inferior to 11.02, a patch is available :
  Agent AIX : OAAIX_00003
  Agent HPUX : OAHPUX_00003
  Agent LINUX : OALIN_00003
  Agent SOLARIS : OASOL_00301
  Agent WINDOWS : OAWIN_00003
http://support.openview.hp.com/selfsolve/patches
For HP Operations Agent version 8.6 or HP Performance Agent 5.x, the patch HOTFIX_CODA_2011-10-21_1 is available (contact support).
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a software vulnerabilities alert. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.