Summary
This host is running HP SAN/iQ Virtual SAN Appliance and is prone to remote command execution vulnerability.
Impact
Successful exploitation will allow attacker to execute arbitrary commands the context of an application.
Impact Level: System/Application
Solution
Upgrade to HP SAN/iQ 9.5 or later,
For updates refer to http://www.hp.com/
Insight
The flaw is due to an error in 'lhn/public/network/ping' which does not properly handle shell meta characters in the second parameter.
Affected
HP SAN/iQ version prior to 9.5 on HP Virtual SAN Appliance
References
Severity
Classification
-
CVE CVE-2012-4361 -
CVSS Base Score: 7.7
AV:A/AC:L/Au:S/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Aug14 (Windows)
- Adobe Air Remote Code Execution Vulnerability -June13 (Windows)
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
- Adobe Air Multiple Vulnerabilities -01 May 13 (Mac OS X)