HP System Health Application and Command Line Utilities Remote Code Execution Vulnerability

Bugtraq ID:	53336
Class:	Unknown
CVE:	CVE-2012-2000
Remote:	Yes
Local:	No
Published:	May 02 2012 12:00AM
Updated:	May 02 2012 12:00AM
Credit:	The vendor reported this issue.
Vulnerable:	HP System Health Application and Command Line Utilities 8.7
Not Vulnerable:	HP System Health Application and Command Line Utilities 9.0

HP System Health Application and Command Line Utilities Remote Code Execution Vulnerability

HP System Health Application and Command Line Utilities is prone to an unspecified code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks may cause denial-of-service conditions.

Few technical details are currently available. We will update this BID as more information emerges.

Versions prior to HP System Health Application and Command Line Utilities 9.0.0 are vulnerable.

HP System Health Application and Command Line Utilities Remote Code Execution Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

HP System Health Application and Command Line Utilities Remote Code Execution Vulnerability

Solution:
The vendor has released an update. Please see the references for more information.

HP System Health Application and Command Line Utilities Remote Code Execution Vulnerability

References:

• HP Homepage (HP)
  
• HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Uti (HP)
  
• System Health Application and Command Line Utilities Homepage (HP)