The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of HP SiteScope: code execution via SOAP

Synthesis of the vulnerability

An attacker can use the SOAP feature of HP SiteScope, in order to execute code.
Severity of this alert: 3/4.
Creation date: 30/07/2013.
Revision date: 14/08/2013.
References of this alert: BID-61506, c03861260, CERTA-2013-AVI-446, CVE-2013-2367, HPSBGN02904, SSRT101073, VIGILANCE-VUL-13181, ZDI-13-205, ZDI-CAN-1678.

Description of the vulnerability

The HP SiteScope service supports SOAP queries.

However, the SOAP runOMAgentCommand message can be used to directly execute a shell command.

An attacker can use the SOAP feature of HP SiteScope, in order to execute code.

This vulnerability impacts software or systems such as SiteScope.

Our Vigil@nce team determined that the severity of this vulnerability is important.

The trust level is "confirmed by the vendor", and the attack origin is "intranet client".

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with technician-level skill can exploit this vulnerability.

Solutions for this threat

HP SiteScope: version 11.22.
Version 11.22 is fixed:
  http://support.openview.hp.com/selfsolve/patches
