HP Security Bulletin HPSBST02735 SSRT100516 - A potential security vulnerability has been identified with HP StorageWorks Modular Smart Array P2000 G3. This vulnerability could be exploited to allow remote execution of arbitrary code. Revision 1 of this advisory.
30e4564ad8125978aac6f705d2b064fcbaa74e30b73701baf28cb18e05dc3607Zero Day Initiative Advisory 12-015 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP MSA 2000 G3. Authentication is not required to exploit this vulnerability. The specific flaws exists within the web interface listening on TCP port 80. There exists a directory traversal flaw that can allow a remote attacker to view any file on the system by simply specifying it in the default URI. Additionally, the password file contains a default login that can be used to authenticate to the device. This can be leveraged by a remote attacker to perform any tasks an administrator is able to.
efef31e729581273d43acf86536cbf3cf65886fa8a51dab225bf70b406583cb8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed