1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: HP Power Manager Administration CVE-2009-2685

Attack: HP Power Manager Administration CVE-2009-2685

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects buffer overflow exploitation attempts in HP Power Manager Management Web Server.

Additional Information

HP Power Manager is a web-based application to manage an HP UPS.

HP Power Manager is prone to a remote code-execution vulnerability because it fails to properly bounds-check user-supplied data. This issue arises because the administration webserver fails to properly validate the 'Login' parameter, which can result in a stack-based buffer overflow.

An attacker can exploit this issue to execute arbitrary code with SYSTEM credentials, resulting in a complete compromise of the affected computer. Failed exploit attempts will result in a denial-of-service condition.

Affected

  • HP Power Manager

Response

The vendor has released updates and an advisory. Please see the references for details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube