Short Name |
APP:HP-PWR-MGR-DIR-TRAV |
---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
HP Power Manager formExportDataLogs Directory Traversal |
Release Date |
2010/09/27 |
Update Number |
1780 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the HP Power Manager UPS management system. It is due to an input validation error while processing parameters sent to the formExportDataLogs form of the Web based management Web server. Remote unauthenticated attackers can exploit this to overwrite arbitrary files with attacker-controlled data on the target system by sending malicious HTTP requests. Successful exploitation can lead to injection and execution of arbitrary code on the target system within the security context of SYSTEM.
HP Power Manager is prone to a remote code-execution vulnerability because it fails to properly bounds-check user-supplied data. An attacker can exploit this issue to execute arbitrary code with SYSTEM privileges, resulting in a complete compromise of the affected computer. Failed exploit attempts will result in a denial-of-service condition. NOTE: This BID initially referenced CVE-2009-3999 and CVE-2009-4000. These issues are now described in BID 37867 (CVE-2009-3999) and BID 37873 (CVE-2009-4000). Versions prior to Power Manager 4.2.10 are affected.