CVE-2014-2649
CVSS7.5
发布时间 :2014-10-09 21:55:08
修订时间 :2014-10-10 12:18:57
NMCPS    

[原文]Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows remote attackers to execute arbitrary code via unknown vectors.


[CNNVD]HP Operations Manager 远程代码执行漏洞(CNNVD-201410-191)

        

HP Operations Manager(OM)是美国惠普(HP)公司的一套面向业务的企业级系统管理软件。该软件提供系统管理、应用管理、事件处理、业务展现等功能。

基于UNIX平台上的HP Operations Manager 9.20版本中存在安全漏洞。远程攻击者可利用该漏洞执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:hp:operations_manager:9.20
cpe:/o:linux:kernel:-

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2649
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2649
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201410-191
(官方数据源) CNNVD

- 其它链接及资源

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472866
(VENDOR_ADVISORY)  HP  SSRT101727
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472866
(VENDOR_ADVISORY)  HP  HPSBMU03127

- 漏洞信息

HP Operations Manager 远程代码执行漏洞
高危
2014-10-14 00:00:00 2014-10-16 00:00:00
远程  
        

HP Operations Manager(OM)是美国惠普(HP)公司的一套面向业务的企业级系统管理软件。该软件提供系统管理、应用管理、事件处理、业务展现等功能。

基于UNIX平台上的HP Operations Manager 9.20版本中存在安全漏洞。远程攻击者可利用该漏洞执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472866

- 漏洞信息 (F128616)

HP Security Bulletin HPSBMU03127 (PacketStormID:F128616)
2014-10-09 00:00:00
HP  hp.com
advisory,arbitrary
unix
CVE-2014-2648,CVE-2014-2649
[点击下载]

HP Security Bulletin HPSBMU03127 - A potential security vulnerability has been identified with HP Operations Manager for UNIX. The vulnerability can be exploited remotely to execute arbitrary code. Revision 1 of this advisory.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04472866

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04472866
Version: 1

HPSBMU03127 rev.1 - HP Operations Manager for UNIX, Remote Code Execution

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-10-08
Last Updated: 2014-10-08

Potential Security Impact: Remote code execution

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Operations
Manager for UNIX. The vulnerability can be exploited remotely to execute
arbitrary code.

References: CVE-2014-2648, CVE-2014-2649 (SSRT101727)

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

HP Operations Manager for UNIX v9.10, v9.11 (CVE-2014-2648)
HP Operations Manager for UNIX v9.20 (CVE-2014-2649)

BACKGROUND

CVSS 2.0 Base Metrics
===========================================================
  Reference              Base Vector             Base Score
CVE-2014-2648    (AV:N/AC:M/Au:N/C:C/I:C/A:C)       9.3
CVE-2014-2649    (AV:N/AC:M/Au:N/C:P/I:P/A:P)       6.8
===========================================================
             Information on CVSS is documented
            in HP Customer Notice: HPSN-2008-002

RESOLUTION

HP has made the following software updates available for HP Operations
Manager for UNIX to resolve the vulnerability. The updates can be downloaded
from HP Software Support Online (SSO).

9.11.120 server patches:  Component
 Download Location

OMHPUX_00004
 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse
arch/document/KM01188205

ITOSOL_00802
 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse
arch/document/KM01187924

OML_00080
 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse
arch/document/KM01187666

9.11.120 Java UI patches:  Component
 Download Location

OMHPUX_00005
 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse
arch/document/KM01187192

ITOSOL_00803
 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse
arch/document/KM01187435

OML_00081
 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse
arch/document/KM01188103

9.20.300 server patches:  Component
 Download Location

OMHPUX_00006
 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse
arch/document/KM01188207

ITOSOL_00804
 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse
arch/document/KM01188065

OML_00082
 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse
arch/document/KM01188209

HISTORY
Version:1 (rev.1) - 8 October 2014 Initial release

Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel.  For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.

Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com

Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.

3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX

Copyright 2014 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iEYEARECAAYFAlQ1TwsACgkQ4B86/C0qfVnkJgCfevd5vzwuHkW/C2VigZXMkDx3
emMAoPo5hL+fb0wuvT/65VDTrqjXDEY1
=TbvC
-----END PGP SIGNATURE-----
    

- 漏洞信息

HP Operations Manager CVE-2014-2649 Unspecified Remote Code Execution Vulnerability
Unknown 70353
Yes No
2014-10-08 12:00:00 2014-10-08 12:00:00
The vendor reported this issue.

- 受影响的程序版本

- 漏洞讨论

HP Operations Manager is prone to an unspecified code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application.

Few technical details are currently available. We will update this BID as more information emerges.

- 漏洞利用

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

Updates are available. Please see the references or vendor advisory for more information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站