----------------------------------------------------------------------


Use WSUS to deploy 3rd party patches

Public BETA
https://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/


----------------------------------------------------------------------

TITLE:
HP Performance Insight Arbitrary Command Execution Vulnerability

SECUNIA ADVISORY ID:
SA38899

VERIFY ADVISORY:
https://secunia.com/advisories/38899/

DESCRIPTION:
A vulnerability has been reported in HP Performance Insight, which
can be exploited by malicious people to compromise a vulnerable
system.

The vulnerability is caused due to an unspecified error and can be
exploited to execute arbitrary commands.

The vulnerability is reported in version 5.4 and earlier running on
HP-UX, Linux, Solaris, and Windows.

SOLUTION:
Apply patches.
https://support.openview.hp.com/selfsolve/patches

HP-UX (IA):  
PI54IA_00001 or subsequent

HP-UX (PA):
PI54PA_00001 or subsequent

Linux RedHat4ES:
PI54LIN_00001 or subsequent

Solaris:
PI54SOL_00001 or subsequent

Windows:
PI54WIN_00001 or subsequent

PROVIDED AND/OR DISCOVERED BY:
The vendor credits an anonymous researcher working with the
TippingPoint Zero Day Initiative

ORIGINAL ADVISORY:
HPSBMA02489 SSRT090065:
https://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02033170

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
https://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
https://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------