APP: HP OpenView Performance Insight Server Backdoor Account Code Execution
This signature detects attempts to exploit a known vulnerability against HP OpenView. A successful attack can lead to arbitrary code execution.
Extended Description
HP OpenView Performance Insight Server is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers.HP OpenView Performance Insight Server is prone to a remote code-execution vulnerability. Specifically, this issue occurs because of a hidden account present in the 'com.trinagy.security.XMLUserManager' Java class which allows attackers to access the 'com.trinagy.servlet.HelpManagerServlet' Java class. This class provides a 'doPost()' method which can be exploited by the attackers to upload malicious code on the server.
Affected Products
Hp openview_performance_insight
Short Name
APP:HPOV:PERFORMANCE-INSIGHT
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Account Backdoor CVE-2011-0276 Code Execution HP Insight OpenView Performance Server bid:46079
Release Date
07/21/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3660
False Positive
Unknown
Vendors
Hp
CVSS Score
10.0