Your one-stop web resource providing safety and security information to manufacturers

Hewlett-Packard (HP) is sending out a warning about two security vulnerabilities in its Operations Agent server monitoring software.

Unspecified errors in the enterprise software for AIX, HP-UX, Linux, Solaris and Windows can suffer exploitation by a remote attacker to compromise a vulnerable system and execute arbitrary code, company officials said. Both of these errors have a CVSS 2.0 (Common Vulnerability Scoring System) base score of 10.0, the highest possible severity rating.

RELATED STORIES
Patch Tuesday Closes Zero Day
Microsoft FixIt For XML Hole
Attack: IE Zero Day
RTFs Fall Victim to APTs
Microsoft Adjusts as Duqu Lingers

Versions prior to 11.03.12 on all supported platforms suffer from the issue; upgrading to 11.03.12 corrects the problems.

Independent Security Researcher, Luigi Auriemma, reported these vulnerabilities to HP via TippingPoint’s Zero Day Initiative (ZDI).

Cyber Security

A full list of affected versions, and patch download information are in the company’s security advisory.

HP advises all administrators to install the patches as soon as possible.

Pin It on Pinterest

Share This