You are here

U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code

September 21, 2012 - 6:00am

Addthis

PROBLEM:

HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code

PLATFORM:

HP SiteScope v11.10, v11.11, v11.12 for Windows, Linux and Solaris

ABSTRACT:

A vulnerability was reported in HP SiteScope.

reference LINKS:

HP Security Bulletin Document ID: c03489683
SecurityTracker Alert ID:  1027547
CVE-2012-3259
CVE-2012-3260
CVE-2012-3261
CVE-2012-3262
CVE-2012-3263
CVE-2012-3264

IMPACT ASSESSMENT:

Medium

Discussion:

A vulnerability was reported in HP SiteScope. A remote user can execute arbitrary code on the target system. A remote user can obtain potentially sensitive information.

The SiteScope SOAP feature is affected.

Impact:  

A remote user can execute arbitrary code on the target system.

A remote user can obtain potentially sensitive information.

Solution:

The vendor has issued a fix. 

Addthis