HP Business Service Management Default JBOSS Configuration Lets Remote Users Execute Arbitrary Code
|
SecurityTracker Alert ID: 1027075
|
SecurityTracker URL: http://securitytracker.com/id/1027075
|
CVE Reference: CVE-2012-2561
|
Updated: Jun 19 2012
|
Original Entry Date: May 17 2012
|
Impact:
Execution of arbitrary code via network, Root access via network
|
Vendor Confirmed: Yes
Exploit Included: Yes
|
Version(s): 9.12 and prior versions
|
Description:
A vulnerability was reported in HP Business Service Management. A remote user can execute arbitrary code on the target system.
A remote user can upload a JSP shell packaged as a '.war' file to the JBOSS application server via TCP ports 4444, 1098, or 1099 and have the server deploy it as a service, which executes the shell with System privileges.
The original advisory is available at:
http://www.kb.cert.org/vuls/id/859230
David Elze of Daimler TSS reported this vulnerability via US-CERT.
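A host-side check for the exposure described above, as an added example that is not part of the original advisory or of the vendor's guidance: it reads listening-socket output in the format printed by `ss -ltn` and reports listeners on TCP ports 4444, 1098, or 1099 that are bound to a non-loopback address. The sample output and all function names are constructed for illustration.

```python
import ipaddress

# TCP ports the advisory names as reachable on the JBOSS application server.
ADVISORY_PORTS = {1098, 1099, 4444}

# Constructed sample in the column layout of `ss -ltn` (not real host output).
SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      50           0.0.0.0:4444      0.0.0.0:*
LISTEN 0      50         127.0.0.1:1099      0.0.0.0:*
LISTEN 0      50              [::]:1098         [::]:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      50        192.0.2.10:8080      0.0.0.0:*
"""

def split_endpoint(endpoint):
    """Split a local-address field such as '[::]:1098' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
    return host, int(port)

def is_loopback(host):
    """True only when the bind address is a loopback address."""
    if host in ("*", "0.0.0.0", "::"):
        return False  # wildcard bind: reachable on every interface
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unparseable address: report it for manual review

def exposed_listeners(ss_output):
    """Return sorted (host, port) pairs for advisory ports bound off-loopback."""
    findings = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header, blank line, or non-listening socket
        try:
            host, port = split_endpoint(fields[3])
        except ValueError:
            continue  # port field is not numeric
        if port in ADVISORY_PORTS and not is_loopback(host):
            findings.add((host, port))
    return sorted(findings)

if __name__ == "__main__":
    for host, port in exposed_listeners(SAMPLE):
        print(f"advisory port {port} is listening on {host}")
```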
|
Impact:
A remote user can execute arbitrary code on the target system.
|
Solution:
No solution was available at the time of this entry.
The vendor's advisory is available at:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03377648
|
Vendor URL: h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03377648
|
Cause:
Access control error, Configuration error
|
Underlying OS:
Linux (Any), Windows (Any)
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 17 May 2012 21:37:52 +0000
Subject: HP Business Service Management Application
|
CVE-2012-2561