Unspecified vulnerability in HP Operations Agent prior to 11.03.12 allows remote malicious users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
hp operations agent 7.36 |
||
hp operations agent 8.51 |
||
hp operations agent 8.51.102 |
||
hp operations agent 8.52 |
||
hp operations agent 8.53 |
||
hp operations agent 8.60 |
||
hp operations agent 8.60.005 |
||
hp operations agent 8.60.006 |
||
hp operations agent 8.60.007 |
||
hp operations agent 8.60.7 |
||
hp operations agent 8.60.008 |
||
hp operations agent 8.60.501 |
||
hp operations agent |
This module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component (coda.exe) when parsing requests for the 0x8c opcode. This module has been tested successfully on HP Operations Agent 11.00 over Windows XP SP3 and Windows 2003 SP2 (DEP bypass). The coda.exe components runs only for localhost by default, network access must be granted through its configuration to be remotely exploitable. On the other hand it runs on a random TCP port, to make easier reconnaissance a check function is provided.
Vulmon
msf > use exploit/windows/misc/hp_operations_agent_coda_8c
msf exploit(hp_operations_agent_coda_8c) > show targets
...targets...
msf exploit(hp_operations_agent_coda_8c) > set TARGET <target-id>
msf exploit(hp_operations_agent_coda_8c) > show options
...show and set options...
msf exploit(hp_operations_agent_coda_8c) > exploit