发布时间 :2005-12-31 00:00:00
修订时间 :2011-03-07 21:29:03

[原文]Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-enabled Management Software allows remote attackers to execute arbitrary code via unknown vectors.

[CNNVD]HP HTTP Server远程未明缓冲区溢出漏洞(CNNVD-200512-866)

        HP 支持Web功能的管理软件的HP HTTP Server 5.0至5.95版本存在缓冲区溢出,远程攻击者可以通过未知向量执行任意代码。

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:hp:http_server:5.94HP HTTP Server 5.94
cpe:/a:hp:http_server:5.93HP HTTP Server 5.93
cpe:/a:hp:http_server:5.0HP HTTP Server 5.0
cpe:/a:hp:http_server:5.92HP HTTP Server 5.92

- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BID  12566

- 漏洞信息

HP HTTP Server远程未明缓冲区溢出漏洞
危急 缓冲区溢出
2005-12-31 00:00:00 2007-01-12 00:00:00
        HP 支持Web功能的管理软件的HP HTTP Server 5.0至5.95版本存在缓冲区溢出,远程攻击者可以通过未知向量执行任意代码。

- 公告与补丁


- 漏洞信息

HP Web-enabled Management Software HTTP Server Remote Overflow
Remote / Network Access Denial of Service, Input Manipulation
Loss of Integrity, Loss of Availability Upgrade
Exploit Unknown Vendor Verified

- 漏洞描述

A remote overflow exists in the HP Web-enabled Management Software HTTP server, running any Web Based Enterprise Management Agent or Utility that resides on TCP port 2301. The server fails to validate user supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service condition (server crash) or potentially execute arbitrary code.

- 时间线

2005-02-15 2005-02-14
Unknow Unknow

- 解决方案

Upgrade to version 5.96 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): Downloaded the patch file from hp; file is a self-extracting executable with a filename based on the Smart Component Number. Have all the associated files listed below in a single directory on your hard drive. SP29008.txt patchweb.bat findver.exe regtool.exe strexp.exe cpqhmmo2.fre cpqlogin.frm cpqopts.frm From a DOS command shell change to that drive and directory and type: patchweb patch This will replace the necessary files.

- 相关参考

- 漏洞作者

Unknown or Incomplete