HP OpenView Performance Insight Server 'doPost()' Remote Arbitrary Code Execution Vulnerability Network Vulnerability

Summary

HP OpenView Performance Insight Server is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers.

Solution

Updates are available. Please see the references for details.

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453
http://www.hp.com/
http://www.zerodayinitiative.com/advisories/ZDI-11-034/
https://www.securityfocus.com/bid/46079

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0276

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe ColdFusion Components (CFC) Denial Of Service Vulnerability
AjaxPortal 'di.php' File Inclusion Vulnerability
Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability
Athena Web Registration remote command execution flaw
Admbook PHP Code Injection Flaw

Take action and discover your vulnerabilities