[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[security bulletin] HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: [security bulletin] HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code
- From: security-alert@xxxxxx
- Date: Fri, 13 Jan 2012 15:57:11 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03153338
Version: 1
HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3,
Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon
as possible.
Release Date: 2012-01-13
Last Updated: 2012-01-13
Potential Security Impact: Remote execution of arbitrary code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP StorageWorks
Modular Smart Array P2000 G3. This vulnerability could be exploited to allow
remote execution of arbitrary code.
References: CVE-2011-4788, ZDI-12-015
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP StorageWorks Modular Smart Array P2000 G3 - all release firmware revisions
before TS230P008.
Hardware or Software Platforms Affected
BV913A HP P2000 G3 FC MSA DC w/12 300GB 6G SAS 10K SFF HDD 3.6TB Bundle
BV914A HP P2000 G3 FC MSA DC w/12 600GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV901A HP P2000 G3 FC MSA DC w/24 146GB 6G SAS 15K SFF HDD 3.5TB Bundle
BV902A HP P2000 G3 FC MSA DC w/24 300GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV903A HP P2000 G3 FC MSA DC w/24 600GB 6G SAS 10K SFF HDD 14.4TB Bundle
BV915A HP P2000 G3 FC/iSCSI MSA DC w/12 300GB 6G SAS 10K SFF HDD 3.6TB
BV916A HP P2000 G3 FC/iSCSI MSA DC w/12 600GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV904A HP P2000 G3 FC/iSCSI MSA DC w/24 146GB 6G SAS 15K SFF HDD 3.5TB Bundle
BV905A HP P2000 G3 FC/iSCSI MSA DC w/24 300GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV906A HP P2000 G3 FC/iSCSI MSA DC w/24 600GB 6G SAS 10K SFF HDD 14.4TB Bundle
BV917A HP P2000 G3 SAS MSA DC w/12 300GB 6G SAS 10K SFF HDD 3.6TB Bundle
BV918A HP P2000 G3 SAS MSA DC w/12 600GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV907A HP P2000 G3 SAS MSA DC w/24 146GB 6G SAS 15K SFF HDD 3.5TB Bundle
BV908A HP P2000 G3 SAS MSA DC w/24 300GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV909A HP P2000 G3 SAS MSA DC w/24 600GB 6G SAS 10K SFF HDD 14.4TB Bundle
BV919A HP P2000 G3 iSCSI MSA DC w/12 300GB 6G SAS 10K SFF HDD 3.6TB Bundle
BV920A HP P2000 G3 iSCSI MSA DC w/12 600GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV910A HP P2000 G3 iSCSI MSA DC w/24 146GB 6G SAS 15K SFF HDD 3.5TB Bundle
BV911A HP P2000 G3 iSCSI MSA DC w/24 300GB 6G SAS 10K SFF HDD 7.2TB Bundle
BV912A HP P2000 G3 iSCSI MSA DC w/24 600GB 6G SAS 10K SFF HDD 14.4TB Bundle
AW596A HP StorageWorks P2000 G3 10GbE iSCSI MSA Dual Controller LFF Array System
AW597A HP StorageWorks P2000 G3 10GbE iSCSI MSA Dual Controller SFF Array System
AP847A HP StorageWorks P2000 G3 FC MSA Dual Controller Small Business SAN
Starter Kit
AP848A HP StorageWorks P2000 G3 FC MSA Dual Controller Virtualization SAN
Starter Kit
BK816A HP StorageWorks P2000 G3 FC/iSCSI w/24 300GB 6G SAS 10K SFF DP 7.2K
7.2TB Bundle
BK746SB HP StorageWorks P2000 G3 MSA FC Dual Controller LFF Array Starter
Kit/S-Buy
AP845A HP StorageWorks P2000 G3 MSA FC Dual Controller LFF Modular Smart Array
System
BK747SB HP StorageWorks P2000 G3 MSA FC Dual Controller SFF Array Starter
Kit/S-Buy
AP846A HP StorageWorks P2000 G3 MSA FC Dual Controller SFF Modular Smart Array
System
AW567A HP StorageWorks P2000 G3 MSA FC/iSCSI Dual Combo Controller LFF Array
AW568A HP StorageWorks P2000 G3 MSA FC/iSCSI Dual Combo Controller SFF Array
BK748SB HP StorageWorks P2000 G3 MSA FC/iSCSI Dual Combo LFF Array Starter
Kit/S-Buy
BK749SB HP StorageWorks P2000 G3 MSA FC/iSCSI Dual Combo SFF Array Starter
Kit/S-Buy
AW593A HP StorageWorks P2000 G3 SAS MSA Dual Controller LFF Array System
AW594A HP StorageWorks P2000 G3 SAS MSA Dual Controller SFF Array System
BV842A HP StorageWorks P2000 G3 SAS w/24 300GB 6G SAS 10K SFF DP 10K 7.2TB
Bundle
BK830A HP StorageWorks P2000 G3 iSCSI MSA Dual Controller LFF Array System
BK831A HP StorageWorks P2000 G3 iSCSI MSA Dual Controller SFF Array System
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-4788 (AV:N/AC:L/Au:N/C:C/I:P/A:P) 9.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
The vulnerability can be resolved by the following procedure:
Disable the array's HTTP and HTTPS network management services (Note: This will
also disable all management access from a Web browser. Array management access
may be maintained via Command Line Interface [CLI].) Use the instructions
outlined in the Workaround section below to disable the HTTP and HTTPS network
management services.
Install TS230P008 firmware as soon as possible. If the HTTP and HTTPS network
management services have been previously disabled, the services may be
re-enabled as the issue is fully resolved in TS230P008 firmware.
TS230P008 firmware installation and workaround instructions:
Go to http://www.hp.com/support/storage
Under Disk Storage Systems, click P2000/MSA Disk Arrays .
Click HP P2000 G3 MSA Array Systems , then click Download drivers and software .
Select your product and operating system.
Click Firmware - Storage Controller .
In the Description column of the table, click the title of the firmware:
To download the firmware, click Download .
To read the release notes, click the Release Notes tab.
Note: If you have trouble finding your product, drivers, or software, use the
Product Search function from http://www.hp.com/support/downloads and enter your
product number.
Before running the TS230P008 Smart Component, verify that both the telnet and
FTP options are enabled on the array to allow the Smart Component to run
successfully.
Workaround
Disable the HTTP/HTTPS service protocols:
Note:
Disabling the HTTP/HTTPS services will disable the Storage Management Utility
(SMU), including Web access to manage the system. All management must be
performed by CLI telnet. If the system can not be accessed through CLI telnet,
upgrade the system to TS230P008 to resolve this issue.
Any scripts requiring HTTP or HTTPS access will no longer function with HTTP or
HTTPS disabled.
To disable the HTTP/HTTPS service protocols, enter the following command at the
CLI prompt:
# set protocols http disabled https disabled
Success: Command completed successfully.
The HTTP and HTTPS services must be re-enabled to resume SMU access.
To re-enable the HTTP or HTTPS protocols, enter the following command at the
CLI prompt:
# set protocols http enabled https enabled
Success: Command completed successfully.
HISTORY
Version:1 (rev.1) - 13 January 2012 Initial Release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@xxxxxxx
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@xxxxxx
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically,
is contained in HP Security Notice HPSN-2011-001:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the
title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or its
affiliates, subcontractors or suppliers will be liable for incidental,special
or consequential damages including downtime cost; lost profits;damages relating
to the procurement of substitute products or services; or damages for loss of
data, or software restoration. The information in this document is subject to
change without notice. Hewlett-Packard Company and the names of Hewlett-Packard
products referenced herein are trademarks of Hewlett-Packard Company in the
United States and other countries. Other product and company names mentioned
herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk8QhcMACgkQ4B86/C0qfVmK3ACg9HSIAJtR454cfJ+HY1/eqxNt
mOQAniPeyZspiM3sNm3XWqk5NFUVCvAe
=dbUJ
-----END PGP SIGNATURE-----