File Deletion Vulnerability in HP OpenView Performance Agent and Operations Agent
CVE-2011-2608

Currently unrated

Key Information:

Vendor: HP
Status: Operations Agent; Openview Performance Agent
Vendor: CVE Published:; 1 July 2011

Summary

The HP OpenView Performance Agent and Operations Agent contain a vulnerability that allows remote attackers to delete arbitrary files. This is possible through the manipulation of the 'File' field in a Register command, where an attacker can specify a full pathname, leading to potentially critical data loss and unauthorized access to the system. Proper caution is necessary to protect against such threats.

References

http://securitytracker.com/id?1025715

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/68269

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=131188898632504&w=2

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Jul 1, 2011
Vulnerability Reserved
Jul 1, 2011