Security Issues with HP Diagnostics

14 Jan

Some days back I had this mail in my inbox which was telling me  that HP Diagnostics server has remote code vulnerabilities where in  the remote attacker can execute the arbitrary code on the vulnerable installations of HP Diagnostics server.It also seems that HP had confirmed and agreed to patch this up soon.

However what remains unknown is version of product getting impacted and it is nearly impossible to search and find out more information about this from HP Site.I tried to confirm this in HP Site but was unsuccessful.Site is just too big and has too many products in it. I am also not sure if HP releases any kind of newsletter informing its customer about the security issues and the patches it recommends its customer should apply to its product.If it doesn’t, then I request them to start one.It really helps.

Since I have heard and know that  HP Diagnostics is used for Production Monitoring in the large companies namely in retail and banking domain, I am pasting the link of this vulnerability here for better cause.

http://zerodayinitiative.com/advisories/ZDI-12-016/

Its good stuff to know about this,In case if you know of any other links or security issues with HP Performance testing tools, please do share with me either as comments or at kiran at vasanti dot org  .

Also don’t forget to browse that site, it also lists some issues with LoadRunner and many of the other HP Products.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: