PROBLEM:
HP Virtual SAN Appliance Stack Overflow in 'hydra.exe' Lets Remote Users Execute Arbitrary Code.
PLATFORM:
HP StorageWorks P4000 Virtual SAN Appliance Software
ABSTRACT:
A vulnerability has been reported in HP StorageWorks P4000 Virtual SAN Appliance Software, which can be exploited by malicious people to compromise a vulnerable system.
reference LINKS:
Secunia advisory 34782
SecurityTracker Alert ID: 1025249
ZDI-11-111
Bugtraq ID: 47005
IMPACT ASSESSMENT:
High
Discussion:
Hewlett-Packard Virtual SAN Appliance is prone to a remote buffer-overflow vulnerability.
Attackers may exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.
Impact:
A vulnerability was reported in HP Virtual SAN Appliance. A remote user can execute arbitrary code on the target device.
A remote user can send a specially crafted login request to 'hydra.exe' on port 13838 to trigger a stack overflow and execute arbitrary code on the target system. The code will run with System privileges.
Solution:
This vulnerability could be mitigated by administrators by restricting communication with the hydra agent to known client IP addresses. A remote user can execute arbitrary code on the target system.
HP Software Update