what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2009-2685

Status Candidate

Overview

Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.

Related Files

Hewlett-Packard Power Manager Administration Buffer Overflow.
Posted Dec 31, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Hewlett-Packard Power Manager 4.2. Sending a specially crafted POST request with an overly long Login string, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-2685
SHA-256 | 760a5e0c428e0ee8a5ed03674f016766c57a65eb426311bb765728b2278567af
Download | Favorite | View
HP Power Manager Administration Universal Buffer Overflow
Posted Nov 17, 2009
Authored by Matteo Memelli | Site offensive-security.com

HP Power Manager Administration universal buffer overflow exploit. Written in Python.

tags | exploit, overflow, python
advisories | CVE-2009-2685
SHA-256 | 337fad58366611acfcbe84f9d94f843b5856b4b86a3e3ea9b0faf759454d90c4
Download | Favorite | View
Zero Day Initiative Advisory 09-081
Posted Nov 6, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-081 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of URL parameters when posting to the login form of the web based management web server. Proper bounds checking is not applied when parsing the Login variable which can result in an exploitable stack overflow. Successful exploitation can lead to complete system compromise under the SYSTEM credentials.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2009-2685
SHA-256 | 4fe2c6ee8f4ae0da2ae82442b72be82eb4f7a98c1b56f5d96838548dde5e5b48
Download | Favorite | View
HP Security Bulletin HPSBMA02474 SSRT090107
Posted Nov 5, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Power Manager. The vulnerability could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2009-2685
SHA-256 | 53080e1e2988e928bf4696c49f0cd570649bd4259d541307bb5c18f3d7d7a8c9
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close