A remote overflow exists in the HP Web-enabled Management Software HTTP server, running any Web Based Enterprise Management Agent or Utility that resides on TCP port 2301. The server fails to validate user supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service condition (server crash) or potentially execute arbitrary code.

Upgrade to version 5.96 or higher, as it has been reported to fix this
vulnerability. It is also possible to correct the flaw by implementing
the following workaround(s):

Downloaded the patch file from hp; file is a self-extracting executable with
a filename based on the Smart Component Number. Have all the associated files
listed below in a single directory on your hard drive.

SP29008.txt
patchweb.bat
findver.exe
regtool.exe
strexp.exe
cpqhmmo2.fre
cpqlogin.frm
cpqopts.frm

From a DOS command shell change to that drive and directory and type:

patchweb patch

This will replace the necessary files.

• Security Tracker: 1013182
• Bugtraq ID: 12566
• Secunia Advisory ID: 14311
• CVE ID: 2005-4823 (see also: NVD)
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-02/0235.html
• Other Advisory URL: http://h18004.www1.hp.com/products/servers/management/SSRT2310c.html
• Vendor Specific Advisory URL: http://h18023.www1.hp.com/support/files/Server/us/download/22192.html
• Vendor URL: http://www.hp.com/
• CIAC Advisory: p-141

Unknown or Incomplete