[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security bulletin] HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03153338
Version: 1

HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, 
Remote Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as soon 
as possible.

Release Date: 2012-01-13
Last Updated: 2012-01-13

Potential Security Impact: Remote execution of arbitrary code

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP StorageWorks 
Modular Smart Array P2000 G3. This vulnerability could be exploited to allow 
remote execution of arbitrary code.

References: CVE-2011-4788, ZDI-12-015

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP StorageWorks Modular Smart Array P2000 G3 - all release firmware revisions 
before TS230P008.

Hardware or Software Platforms Affected

BV913A HP P2000 G3 FC MSA DC w/12 300GB 6G SAS 10K SFF HDD 3.6TB Bundle
BV914A HP P2000 G3 FC MSA DC w/12 600GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV901A HP P2000 G3 FC MSA DC w/24 146GB 6G SAS 15K SFF HDD 3.5TB Bundle
BV902A HP P2000 G3 FC MSA DC w/24 300GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV903A HP P2000 G3 FC MSA DC w/24 600GB 6G SAS 10K SFF HDD 14.4TB Bundle
BV915A HP P2000 G3 FC/iSCSI MSA DC w/12 300GB 6G SAS 10K SFF HDD 3.6TB
BV916A HP P2000 G3 FC/iSCSI MSA DC w/12 600GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV904A HP P2000 G3 FC/iSCSI MSA DC w/24 146GB 6G SAS 15K SFF HDD 3.5TB Bundle
BV905A HP P2000 G3 FC/iSCSI MSA DC w/24 300GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV906A HP P2000 G3 FC/iSCSI MSA DC w/24 600GB 6G SAS 10K SFF HDD 14.4TB Bundle
BV917A HP P2000 G3 SAS MSA DC w/12 300GB 6G SAS 10K SFF HDD 3.6TB Bundle
BV918A HP P2000 G3 SAS MSA DC w/12 600GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV907A HP P2000 G3 SAS MSA DC w/24 146GB 6G SAS 15K SFF HDD 3.5TB Bundle
BV908A HP P2000 G3 SAS MSA DC w/24 300GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV909A HP P2000 G3 SAS MSA DC w/24 600GB 6G SAS 10K SFF HDD 14.4TB Bundle
BV919A HP P2000 G3 iSCSI MSA DC w/12 300GB 6G SAS 10K SFF HDD 3.6TB Bundle
BV920A HP P2000 G3 iSCSI MSA DC w/12 600GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV910A HP P2000 G3 iSCSI MSA DC w/24 146GB 6G SAS 15K SFF HDD 3.5TB Bundle
BV911A HP P2000 G3 iSCSI MSA DC w/24 300GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV912A HP P2000 G3 iSCSI MSA DC w/24 600GB 6G SAS 10K SFF HDD 14.4TB Bundle
AW596A HP StorageWorks P2000 G3 10GbE iSCSI MSA Dual Controller LFF Array System
AW597A HP StorageWorks P2000 G3 10GbE iSCSI MSA Dual Controller SFF Array System
AP847A HP StorageWorks P2000 G3 FC MSA Dual Controller Small Business SAN 
Starter Kit
AP848A HP StorageWorks P2000 G3 FC MSA Dual Controller Virtualization SAN 
Starter Kit
BK816A HP StorageWorks P2000 G3 FC/iSCSI w/24 300GB 6G SAS 10K SFF DP 7.2K 
7.2TB Bundle
BK746SB HP StorageWorks P2000 G3 MSA FC Dual Controller LFF Array Starter 
Kit/S-Buy
AP845A HP StorageWorks P2000 G3 MSA FC Dual Controller LFF Modular Smart Array 
System
BK747SB HP StorageWorks P2000 G3 MSA FC Dual Controller SFF Array Starter 
Kit/S-Buy
AP846A HP StorageWorks P2000 G3 MSA FC Dual Controller SFF Modular Smart Array 
System
AW567A HP StorageWorks P2000 G3 MSA FC/iSCSI Dual Combo Controller LFF Array
AW568A HP StorageWorks P2000 G3 MSA FC/iSCSI Dual Combo Controller SFF Array
BK748SB HP StorageWorks P2000 G3 MSA FC/iSCSI Dual Combo LFF Array Starter 
Kit/S-Buy
BK749SB HP StorageWorks P2000 G3 MSA FC/iSCSI Dual Combo SFF Array Starter 
Kit/S-Buy
AW593A HP StorageWorks P2000 G3 SAS MSA Dual Controller LFF Array System
AW594A HP StorageWorks P2000 G3 SAS MSA Dual Controller SFF Array System
BV842A HP StorageWorks P2000 G3 SAS w/24 300GB 6G SAS 10K SFF DP 10K 7.2TB 
Bundle
BK830A HP StorageWorks P2000 G3 iSCSI MSA Dual Controller LFF Array System
BK831A HP StorageWorks P2000 G3 iSCSI MSA Dual Controller SFF Array System

BACKGROUND

CVSS 2.0 Base Metrics
===========================================================
  Reference              Base Vector             Base Score
CVE-2011-4788    (AV:N/AC:L/Au:N/C:C/I:P/A:P)       9.0
===========================================================
             Information on CVSS is documented
            in HP Customer Notice: HPSN-2008-002

RESOLUTION

The vulnerability can be resolved by the following procedure:

Disable the array's HTTP and HTTPS network management services (Note: This will 
also disable all management access from a Web browser. Array management access 
may be maintained via Command Line Interface [CLI].) Use the instructions 
outlined in the Workaround section below to disable the HTTP and HTTPS network 
management services.

Install TS230P008 firmware as soon as possible. If the HTTP and HTTPS network 
management services have been previously disabled, the services may be 
re-enabled as the issue is fully resolved in TS230P008 firmware.

TS230P008 firmware installation and workaround instructions:

Go to http://www.hp.com/support/storage

Under Disk Storage Systems, click P2000/MSA Disk Arrays .

Click HP P2000 G3 MSA Array Systems , then click Download drivers and software .

Select your product and operating system.

Click Firmware - Storage Controller .
In the Description column of the table, click the title of the firmware:

To download the firmware, click Download .

To read the release notes, click the Release Notes tab.

Note: If you have trouble finding your product, drivers, or software, use the 
Product Search function from http://www.hp.com/support/downloads and enter your 
product number.

Before running the TS230P008 Smart Component, verify that both the telnet and 
FTP options are enabled on the array to allow the Smart Component to run 
successfully.

Workaround

Disable the HTTP/HTTPS service protocols:

Note:

Disabling the HTTP/HTTPS services will disable the Storage Management Utility 
(SMU), including Web access to manage the system. All management must be 
performed by CLI telnet. If the system can not be accessed through CLI telnet, 
upgrade the system to TS230P008 to resolve this issue.

Any scripts requiring HTTP or HTTPS access will no longer function with HTTP or 
HTTPS disabled.

To disable the HTTP/HTTPS service protocols, enter the following command at the 
CLI prompt:

# set protocols http disabled https disabled
Success: Command completed successfully.

The HTTP and HTTPS services must be re-enabled to resume SMU access.

To re-enable the HTTP or HTTPS protocols, enter the following command at the 
CLI prompt:

# set protocols http enabled https enabled
Success: Command completed successfully.

HISTORY
Version:1 (rev.1) - 13 January 2012 Initial Release

Third Party Security Patches: Third party security patches that are to be 
installed on systems running HP software products should be applied in 
accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security 
Bulletin, contact normal HP Services support channel.  For other issues about 
the content of this Security Bulletin, send e-mail to security-alert@xxxxxxx

Report: To report a potential security vulnerability with any HP supported 
product, send Email to: security-alert@xxxxxx

Subscribe: To initiate a subscription to receive future HP Security Bulletin 
alerts via Email: 
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Security Bulletin List: A list of HP Security Bulletins, updated periodically, 
is contained in HP Security Notice HPSN-2011-001: 
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430

Security Bulletin Archive: A list of recently released Security Bulletins is 
available here: 
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

Software Product Category: The Software Product Category is represented in the 
title by the two characters following HPSB.

3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX

Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors 
or omissions contained herein. The information provided is provided "as is" 
without warranty of any kind. To the extent permitted by law, neither HP or its 
affiliates, subcontractors or suppliers will be liable for incidental,special 
or consequential damages including downtime cost; lost profits;damages relating 
to the procurement of substitute products or services; or damages for loss of 
data, or software restoration. The information in this document is subject to 
change without notice. Hewlett-Packard Company and the names of Hewlett-Packard 
products referenced herein are trademarks of Hewlett-Packard Company in the 
United States and other countries. Other product and company names mentioned 
herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk8QhcMACgkQ4B86/C0qfVmK3ACg9HSIAJtR454cfJ+HY1/eqxNt
mOQAniPeyZspiM3sNm3XWqk5NFUVCvAe
=dbUJ
-----END PGP SIGNATURE-----