Showing 1 - 4 of 4

CVE-2009-2685

Status Candidate

Overview

Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.

Related Files

Hewlett-Packard Power Manager Administration Buffer Overflow.: Posted Dec 31, 2009; Authored by MC | Site metasploit.com; This Metasploit module exploits a stack overflow in Hewlett-Packard Power Manager 4.2. Sending a specially crafted POST request with an overly long Login string, an attacker may be able to execute arbitrary code.; tags | exploit, overflow, arbitrary; advisories | CVE-2009-2685; SHA-256 | 760a5e0c428e0ee8a5ed03674f016766c57a65eb426311bb765728b2278567af; Download | Favorite | View

HP Power Manager Administration Universal Buffer Overflow: Posted Nov 17, 2009; Authored by Matteo Memelli | Site offensive-security.com; HP Power Manager Administration universal buffer overflow exploit. Written in Python.; tags | exploit, overflow, python; advisories | CVE-2009-2685; SHA-256 | 337fad58366611acfcbe84f9d94f843b5856b4b86a3e3ea9b0faf759454d90c4; Download | Favorite | View

Zero Day Initiative Advisory 09-081: Posted Nov 6, 2009; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 09-081 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of URL parameters when posting to the login form of the web based management web server. Proper bounds checking is not applied when parsing the Login variable which can result in an exploitable stack overflow. Successful exploitation can lead to complete system compromise under the SYSTEM credentials.; tags | advisory, remote, web, overflow, arbitrary; advisories | CVE-2009-2685; SHA-256 | 4fe2c6ee8f4ae0da2ae82442b72be82eb4f7a98c1b56f5d96838548dde5e5b48; Download | Favorite | View

HP Security Bulletin HPSBMA02474 SSRT090107: Posted Nov 5, 2009; Authored by Hewlett Packard | Site hp.com; HP Security Bulletin - A potential security vulnerability has been identified with HP Power Manager. The vulnerability could be exploited remotely to execute arbitrary code.; tags | advisory, arbitrary; advisories | CVE-2009-2685; SHA-256 | 53080e1e2988e928bf4696c49f0cd570649bd4259d541307bb5c18f3d7d7a8c9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 205 files
Ubuntu 84 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,350)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,266)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,658)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

CVE-2009-2685

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems