Internet threat level: 1
Home→Descriptions→SA38489
HP Operations Agent "opc_op" Account Password Security Issue
| Secunia ID | |
| CVE-ID | |
| Release Date |
09 Feb 2010 |
| Last Change |
03 Sep 2010 |
| Criticality | |
| Solution Status |
Vendor Workaround |
| Software |
HP Operations Agent 8.x |
| Where | |
| Impact |
System accessThis covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. |
| Description |
A security issue has been reported in HP Operations Agent, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the application setting no password for the "opc_op" user account and can be exploited to gain system access. The security issue is reported in HP Operations Agent version 8.51, 8.52, 8.53, and 8.60, running on Solaris 10. |
| Solution |
Restrict access to the "opc_op" account. Please see the vendor's advisory for workaround details. |
| Reported by |
Reported by the vendor. |
| Original Advisory |
HPSBMA02487 SSRT100024: |
© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.