APP: Hewlett-Packard Operations Manager Server Unauthorized File Upload
This signature detects attempts to exploit a known vulnerability in HP Operations Manager Server. An attacker can use default, unchangeable administrator credentials and upload and execute arbitrary files on the server.
Extended Description
HP Operations Manager is prone to a remote unauthorized-access vulnerability. An attacker can exploit this issue to upload and execute arbitrary code with SYSTEM-level permissions, which will facilitate a complete compromise of the affected computer. Operations Manager 8.1 for Windows is vulnerable; other versions may also be vulnerable.
Affected Products
Hp operations_manager
References
CVE: CVE-2009-4188
URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01931960 http://www-01.ibm.com/support/docview.wss?uid=swg21419179 http://tomcat.apache.org/tomcat-5.5-doc/manager-howto.html http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01931960 http://www.zerodayinitiative.com/advisories/zdi-09-085/
Short Name
APP:HPOV:UNAUTH-FILE-UPLOAD
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2009-3548 CVE-2009-3843 CVE-2009-4188 CVE-2009-4189 CVE-2010-0557 CVE-2010-4094 File Hewlett-Packard Manager Operations Server Unauthorized Upload bid:36954 bid:37086 bid:38084
Release Date
01/05/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Hp
CVSS Score
7.5
10.0
5.0