exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2009-2685

Status Candidate

Overview

Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.

Related Files

Hewlett-Packard Power Manager Administration Buffer Overflow.
Posted Dec 31, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Hewlett-Packard Power Manager 4.2. Sending a specially crafted POST request with an overly long Login string, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-2685
SHA-256 | 760a5e0c428e0ee8a5ed03674f016766c57a65eb426311bb765728b2278567af
Download | Favorite | View
HP Power Manager Administration Universal Buffer Overflow
Posted Nov 17, 2009
Authored by Matteo Memelli | Site offensive-security.com

HP Power Manager Administration universal buffer overflow exploit. Written in Python.

tags | exploit, overflow, python
advisories | CVE-2009-2685
SHA-256 | 337fad58366611acfcbe84f9d94f843b5856b4b86a3e3ea9b0faf759454d90c4
Download | Favorite | View
Zero Day Initiative Advisory 09-081
Posted Nov 6, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-081 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of URL parameters when posting to the login form of the web based management web server. Proper bounds checking is not applied when parsing the Login variable which can result in an exploitable stack overflow. Successful exploitation can lead to complete system compromise under the SYSTEM credentials.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2009-2685
SHA-256 | 4fe2c6ee8f4ae0da2ae82442b72be82eb4f7a98c1b56f5d96838548dde5e5b48
Download | Favorite | View
HP Security Bulletin HPSBMA02474 SSRT090107
Posted Nov 5, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Power Manager. The vulnerability could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2009-2685
SHA-256 | 53080e1e2988e928bf4696c49f0cd570649bd4259d541307bb5c18f3d7d7a8c9
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close