[virusinfo] Hewlett-Packard HTTP Server buffer overflow vulnerability

  • From: "Mike" <mikebike@xxxxxxxxx>
  • To: virusinfo@xxxxxxxxxxxxx
  • Date: Tue, 08 Mar 2005 14:32:00 -0800

From; Computer Associates
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32455

Hewlett-Packard HTTP Server buffer overflow vulnerability 
  Date Discovered: Monday, February 14, 2005 
Date Published: Tuesday, March 08, 2005 
Last Updated: Tuesday, March 08, 2005
 
  The information below provides details about this vulnerability.  
 
   Threat Assessment 
 
Overall Risk:  High
Impact:  High
Popularity:  High
Simplicity:  High
  
 Vulnerability Description  
 
Vulnerability ID:  32455 Discovered By:  Hewlett-Packard Security Team 
Exploitable Locally:  No Exploitable Remotely:  Yes 
Impact:  A remote attacker can cause a denial of service condition or execute 
arbitrary code. 
Root Cause:  Software Vulnerability


Hewlett-Packard Web-Enabled Management Software HTTP Server contains a 
vulnerability that can allow a remote attacker to cause a denial of service 
condition or execute arbitrary code. The vulnerability is due to an unclear 
design error within the application. If exploited a remote attacker can cause a 
denial of service condition or execute arbitrary code. 

Recommendations Affected Technologies References 
 

Recommendations 
Return to top 

 
Affected Technologies 
Hewlett-Packard : HTTP Server 5
Hewlett-Packard : HTTP Server 5.0
Hewlett-Packard : HTTP Server 5.3
Hewlett-Packard : HTTP Server 5.92
Hewlett-Packard : HTTP Server 5.93
Hewlett-Packard : HTTP Server 5.95 

 
 *********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member

Other related posts:

  • » [virusinfo] Hewlett-Packard HTTP Server buffer overflow vulnerability
  1. Home
  2. virusinfo
  3. Archive
  4. 03-2005