APP: HP Operations Manager Register Arbitrary File Deletion
This signature detects attempts to exploit a known vulnerability in the HP Operations Manager. These vulnerabilities allow a remote attacker to delete or overwrite arbitrary files via a full pathname in the File field in a Register command. A successful attack can result in execution of arbitrary code with privileges up to and including SYSTEM, depending on the file being replaced.
Extended Description
HP Operations Manager is prone to an arbitrary-file-deletion vulnerability. An attacker can exploit this issue to delete arbitrary files on an affected computer. Successful exploits will result in a denial-of-service condition or the corruption of applications running on the affected computer.
Affected Products
Hp operations_agent
Short Name
APP:HPOV:REGISTER-FILE-DELETE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Arbitrary CVE-2011-2608 Deletion File HP Manager Operations Register bid:48481
Release Date
11/23/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
tcp/383
False Positive
Unknown
Vendors
Hp
CVSS Score
6.4