APP: HP Power Manager formExportDataLogs Directory Traversal
This signature detects attempts to exploit a known vulnerability in the HP Power Manager UPS management system. It is due to an input validation error while processing parameters sent to the formExportDataLogs form of the Web based management Web server. Remote unauthenticated attackers can exploit this to overwrite arbitrary files with attacker-controlled data on the target system by sending malicious HTTP requests. Successful exploitation can lead to injection and execution of arbitrary code on the target system within the security context of SYSTEM.
Extended Description
HP Power Manager is prone to a remote code-execution vulnerability because it fails to properly bounds-check user-supplied data. An attacker can exploit this issue to execute arbitrary code with SYSTEM privileges, resulting in a complete compromise of the affected computer. Failed exploit attempts will result in a denial-of-service condition. NOTE: This BID initially referenced CVE-2009-3999 and CVE-2009-4000. These issues are now described in BID 37867 (CVE-2009-3999) and BID 37873 (CVE-2009-4000). Versions prior to Power Manager 4.2.10 are affected.
Affected Products
Hp power_manager
References
BugTraq: 37866
CVE: CVE-2009-4000
URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01971741
Short Name
APP:HP-PWR-MGR-DIR-TRAV
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2009-4000 Directory HP Manager Power Traversal bid:37866 formExportDataLogs
Release Date
09/27/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Hp
CVSS Score
10.0