CVE-2012-5201

Related Files

HP Intelligent Management Center Arbitrary File Upload

Posted Mar 26, 2013

Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in HP Intelligent Management Center. The vulnerability exists in the mibFileUpload which is accepting unauthenticated file uploads and handling zip contents in a insecure way. Combining both weaknesses a remote attacker can accomplish arbitrary file upload. This Metasploit module has been tested successfully on HP Intelligent Management Center 5.1 E0202 over Windows 2003 SP2.

tags | exploit, remote, arbitrary, code execution, file upload

systems | windows

advisories | CVE-2012-5201, OSVDB-91026

SHA-256 | 079cdacb84dcb53ea2b286f73c46ecd3048ca724d4b7282c111b8be7672a2194

Download | Favorite | View

HP Security Bulletin HPSBGN02854 SSRT100881

Posted Mar 8, 2013

Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02854 SSRT100881 - Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC Standard and Enterprise Editions), HP Intelligent Management Center for Automated Network Manager (ANM), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM). The vulnerabilities could be remotely exploited resulting in cross site scripting (XSS), remote code execution, and remote disclosure of information. Revision 1 of this advisory.

tags | advisory, remote, vulnerability, code execution, xss

advisories | CVE-2012-5200, CVE-2012-5201, CVE-2012-5202, CVE-2012-5203, CVE-2012-5204, CVE-2012-5205, CVE-2012-5206, CVE-2012-5207, CVE-2012-5208, CVE-2012-5209, CVE-2012-5210, CVE-2012-5211, CVE-2012-5212, CVE-2012-5213

SHA-256 | 0ac63d7c8bd7939657d0c6cb9ab8758d89e0159d5c09f9d5fe9646bc7969beb1

Download | Favorite | View