Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4157

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-4157
Last Modified 28 Dec 2011 11:14:21
Published 16 Nov 2011 11:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4157

Summary

Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request.

Vulnerable Systems

Application

  • Hp Centralized Management Console Software 7.0.01

  • Hp Centralized Management Console Software 8.0

  • Hp Centralized Management Console Software 8.1

  • Hp Centralized Management Console Software 8.5

  • Hp Centralized Management Console Software 9.0

  • Hp San%2fiq 8.0

  • Hp San%2fiq 8.1

  • Hp San%2fiq 8.5

  • Hp San%2fiq 9.0


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-11-111/

HP - SSRT100279

HP - HPSBST02722

XF - hp-storageworks-unspec-command-exec(71766)

BID - 51042

BID - 47005


Last Updated: 27 May 2016 10:57:58