HP Security Bulletin HPSBPV02918 2 - Potential security vulnerabilities have been identified with HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM). These vulnerabilities could be exploited remotely to allow SQL injection, remote code execution and session reuse. Revision 2 of this advisory.
81d8b715891741e72a757263197f7d75c3d384c5a407cffd96c491d57658486fThis Metasploit module exploits a path traversal flaw in the HP ProCurve Manager SNAC Server. The vulnerability in the UpdateDomainControllerServlet allows an attacker to upload arbitrary files, just having into account binary writes aren't allowed. Additionally, authentication can be bypassed in order to upload the file. This Metasploit module has been tested successfully on the SNAC server installed with HP ProCurve Manager 4.0.
c9ac22deeaaeec7f4f88fb2108052d3e62513624019a0ece3319ace029dc61b8HP Security Bulletin HPSBPV02918 - Potential security vulnerabilities have been identified with HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM). These vulnerabilities could be exploited remotely to allow SQL injection, remote code execution and session reuse. Revision 1 of this advisory.
08bb081512c1b276e5b511c2469ee62e495663cabe8db9d83683b61bc75663a4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed