You are here

T-588: HP Virtual SAN Appliance Stack Overflow

March 25, 2011 - 5:05pm

Addthis

PROBLEM:

HP Virtual SAN Appliance Stack Overflow in 'hydra.exe' Lets Remote Users Execute Arbitrary Code.

 

PLATFORM:

HP StorageWorks P4000 Virtual SAN Appliance Software

ABSTRACT:
 

A vulnerability has been reported in HP StorageWorks P4000 Virtual SAN Appliance Software, which can be exploited by malicious people to compromise a vulnerable system.

 

 

reference LINKS:
  
 

Secunia advisory 34782
SecurityTracker Alert ID: 1025249
ZDI-11-111
Bugtraq ID: 47005

 

IMPACT ASSESSMENT:

High
 

Discussion:

Hewlett-Packard Virtual SAN Appliance is prone to a remote buffer-overflow vulnerability.

Attackers may exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

 

Impact:
 

A vulnerability was reported in HP Virtual SAN Appliance. A remote user can execute arbitrary code on the target device.

A remote user can send a specially crafted login request to 'hydra.exe' on port 13838 to trigger a stack overflow and execute arbitrary code on the target system. The code will run with System privileges.

 

Solution:

This vulnerability could be mitigated by administrators by restricting communication with the hydra agent to known client IP addresses. A remote user can execute arbitrary code on the target system.
HP Software Update
 

 

Addthis