Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable5324.PRM
HistoryJan 22, 2010 - 12:00 a.m.

HP Power Manager < 4.2.10 Multiple Vulnerabilities

2010-01-2200:00:00
Tenable
www.tenable.com
8
JSON

The installed version of HP Power Manager is earlier than 4.2.10. Such versions are potentially affected by the following vulnerabilities :

  • Adequate bounds checking is not performed on the ‘Login’ parameter of the login page, which could lead to a buffer overflow. A remote unauthenticated attacker could exploit this to execute arbitrary code as SYSTEM. (CVE-2009-2685)

  • Adequate bounds checking is not performed on the ‘fileName’ or ‘LogType’ parameter of ‘formExportDataLogs’, which could lead to a buffer overflow. A remote authenticated attacker could exploit this to execute arbitrary code as SYSTEM. (CVE-2009-3999)

  • The ‘filename’ parameter of ‘formExportDataLogs’ has a directory traversal vulnerability. A remote authenticated attacker could exploit this to overwrite arbitrary files with almost arbitrary data. This could result in a denial of service, or arbitrary code execution as SYSTEM. (CVE-2009-4900)

Binary data 5324.prm
VendorProductVersionCPE
hppower_managercpe:/a:hp:power_manager

Related

nessus 1
securityvulns 6
prion 3
ubuntucve 1
cve 3
checkpoint_advisories 3
saint 8
d2 2
packetstorm 3
zdi 1
openvas 3
nessus
nessus
HP Power Manager < 4.2.10
2010-01-21 00:00:00
securityvulns
securityvulns
HP Power Manager code execution
2010-01-21 00:00:00
[security bulletin] HPSBMA02474 SSRT090107 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code
2009-11-05 00:00:00
[security bulletin] HPSBMA02474 SSRT090107 rev.2 - HP Power Manager, Remote Execution of Arbitrary Code
2010-01-20 00:00:00
prion
prion
Cross site scripting
2019-10-28 15:15:00
Stack overflow
2009-11-06 15:30:00
Stack overflow
2010-01-20 22:30:00
ubuntucve
ubuntucve
CVE-2009-4900
2019-10-28 00:00:00
cve
cve
CVE-2009-4900
2019-10-28 15:15:00
CVE-2009-2685
2009-11-06 15:30:00
CVE-2009-3999
2010-01-20 22:30:00
checkpoint_advisories
checkpoint_advisories
Update Protection against HP Power Manager Remote Code Execution
2009-11-19 00:00:00
HP Power Manager Remote Code Execution (CVE-2009-2685)
2010-01-31 00:00:00
HP Power Manager formExportDataLogs Buffer Overflow (CVE-2009-3999)
2010-03-22 00:00:00
saint
saint
HP Power Manager Remote Code Execution
2009-11-06 00:00:00
HP Power Manager Remote Code Execution
2009-11-06 00:00:00
HP Power Manager Remote Code Execution
2009-11-06 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_HPPM
2009-11-06 15:30:00
DSquare Exploit Pack: D2SEC_HPPM2
2010-01-20 22:30:00
packetstorm
packetstorm
HP Power Manager Administration Universal Buffer Overflow
2009-11-17 00:00:00
Hewlett-Packard Power Manager Administration Buffer Overflow.
2009-12-31 00:00:00
HP Power Manager 'formExportDataLogs' Buffer Overflow
2011-10-20 00:00:00
zdi
zdi
Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability
2009-11-05 00:00:00
openvas
openvas
HP Power Manager Management Web Server Login Remote Code Execution Vulnerability
2009-11-13 00:00:00
HP Power Manager Multiple Remote Code Execution Vulnerabilities
2010-01-20 00:00:00
HP Power Manager Multiple Remote Code Execution Vulnerabilities
2010-01-20 00:00:00
JSON
Related for 5324.PRM
nessus1securityvulns6prion3ubuntucve1cve3checkpoint_advisories3saint8d22packetstorm3zdi1openvas3