Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:HPOV:REGISTER-FILE-DELETE |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
HP Operations Manager Register Arbitrary File Deletion |
Release Date |
2012/11/22 |
Update Number |
2205 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: HP Operations Manager Register Arbitrary File Deletion
This signature detects attempts to exploit a known vulnerability in the HP Operations Manager. These vulnerabilities allow a remote attacker to delete or overwrite arbitrary files via a full pathname in the File field in a Register command. A successful attack can result in execution of arbitrary code with privileges up to and including SYSTEM, depending on the file being replaced.
Extended Description
HP Operations Manager is prone to an arbitrary-file-deletion vulnerability. An attacker can exploit this issue to delete arbitrary files on an affected computer. Successful exploits will result in a denial-of-service condition or the corruption of applications running on the affected computer.
Affected Products
- Hp openview_performance_agent 4.70
- Hp openview_performance_agent 5.0
- Hp operations_agent 11.0
- Hp operations_agent 8.60
- Hp operations_agent 8.60.5
- Hp operations_manager 8.1
References
- BugTraq: 48481
- CVE: CVE-2011-2608