Feed aggregator

[oCERT-2014-005] LPAR2RRD input sanitization errors

BugTraq Latest Security Advisories - July 23, 2014 - 8:59am

Posted by Daniele Bianco on Jul 23

#2014-005 LPAR2RRD input sanitization errors

Description:

LPAR2RRD is a performance monitoring and capacity planning software for IBM
Power Systems. LPAR2RRD generates historical, future trends and nearly
"real-time" CPU utilization graphs of LPAR's and shared CPU usage.

Insufficient input sanitization on the parameters passed to the application
web gui leads to arbitrary command injection on the LPAR2RRD application
server....
Categories: