Posted by Daniele Bianco on Jul 23#2014-005 LPAR2RRD input sanitization errors
LPAR2RRD is a performance monitoring and capacity planning software for IBM
Power Systems. LPAR2RRD generates historical, future trends and nearly
"real-time" CPU utilization graphs of LPAR's and shared CPU usage.
Insufficient input sanitization on the parameters passed to the application
web gui leads to arbitrary command injection on the LPAR2RRD application