int(4176)

Vulnerability Bulletins

Aumento de privilegios en HP Enterprise Discovery

Vulnerability classification
Property Value
Confidence level Oficial
Impact Aumento de privilegios
Dificulty Experto
Required attacker level Acceso remoto con cuenta

System information
Property Value
Affected manufacturer Comercial Software
Affected software HP Enterprise Discovery 2.0 - 2.0.4
HP Enterprise Discovery 2.1 - 2.1.3
HP Enterprise Discovery 2.20 - 2.22
HP Enterprise Discovery 2.50 - 2.52

Description
Se ha descubierto una vulnerabilidad en HP Enterprise Discovery 2.x.

Un atacante local podría aumentar sus privilegios mediante métodos desconocidos.

Solution


Actualización de software

Hewlett-Packard (HPSBMA02363)
HP Enterprise Discovery Version 2.0 / patch HPED_00159
HP Enterprise Discovery Version 2.0.1 / patch HPED_00145
HP Enterprise Discovery Version 2.0.2 / patch HPED_00146
HP Enterprise Discovery Version 2.0.3 / patch HPED_00147
HP Enterprise Discovery Version 2.0.4 / patch HPED_00148
HP Enterprise Discovery Version 2.1 / patch HPED_00149
HP Enterprise Discovery Version 2.1.1 / patch HPED_00150
HP Enterprise Discovery Version 2.1.2 / patch HPED_00151
HP Enterprise Discovery Version 2.1.3 / patch HPED_00152
HP Enterprise Discovery Version 2.20 / patch HPED_00153
HP Enterprise Discovery Version 2.21 / patch HPED_00154
HP Enterprise Discovery Version 2.22 / patch HPED_00155
HP Enterprise Discovery Version 2.50 / patch HPED_00156
HP Enterprise Discovery Version 2.51 / patch HPED_00157
HP Enterprise Discovery Version 2.52 / patch HPED_00158
http://support.openview.hp.com/selfsolve/patches

Standar resources
Property Value
CVE CVE-2008-3538
BID

Other resources
HP SECURITY BULLETIN (HPSBMA02363)
http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01508161-1

Version history
Version Comments Date
1.0 Aviso emitido 2008-08-28
Ministerio de Defensa
CNI
CCN
CCN-CERT