CVE-2011-4785

Related Files

HP JetDirect Device Page Directory Traversal

Posted Jan 9, 2012

Authored by Digital Defense, r@b13$, sxkeebler | Site digitaldefense.net

The HP-ChaiSOE/1.0 embedded web server on certain HP JetDirect printers allows a potential attacker to gain read only access to directories and files outside of the web root, different from CVE-2008-4419. An attacker can leverage this flaw to read arbitrary system configuration files, cached documents, etc. Information obtained from an affected host may facilitate further attacks against the host. Exploitation of this flaw is trivial using common web server directory traversal techniques.

tags | advisory, web, arbitrary, root

advisories | CVE-2011-4785

SHA-256 | bbf0ce50d3dd4baeccc1f6cadb25ebbc0f6568943c21f1edc2430eb89eeed216

Download | Favorite | View

HP Security Bulletin HPSBPI02733 SSRT100646

Posted Jan 9, 2012

Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02733 SSRT100646 - A potential security vulnerability has been identified with certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. Revision 1 of this advisory.

tags | advisory

advisories | CVE-2011-4785

SHA-256 | 8f193cff3feaf772b99d88920c3ec49384f7c8442c29c41e0d9c5501289181b6

Download | Favorite | View