97 matches found
PT-2024-9119 · Hewlett Packard · Hpe Autopass License Server
Name of the Vulnerable Software and Affected Versions: Hewlett Packard Enterprise AutoPass License Server affected versions not specified Description: The issue is related to weaknesses in the authentication procedure of the HPE AutoPass License Server software. This allows a remote attacker to...
PT-2024-9116 · Hewlett Packard · Hpe Autopass License Server
Name of the Vulnerable Software and Affected Versions: HPE AutoPass License Server affected versions not specified Description: The issue is related to incorrect restriction of XML links to external objects in the HPE AutoPass License Server software. Exploitation of this issue may allow an...
PT-2024-9118 · Hewlett Packard · Hpe Autopass License Server
Name of the Vulnerable Software and Affected Versions: Hewlett Packard Enterprise AutoPass License Server versions prior to 9.17 Description: An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server APLS. The vulnerability is due to insufficient input validation...
PT-2024-9117 · Hewlett Packard · Hpe Autopass License Server
Name of the Vulnerable Software and Affected Versions: HPE AutoPass License Server affected versions not specified Description: The issue is related to a lack of protection against SQL query structure exploitation in the HPE AutoPass License Server software, which can lead to information...
HP Service Virtualization AutoPass License Server Directory Traversal (CVE-2013-6221)
A code execution vulnerability exists in HP Service Virtualization running the AutoPass License Server. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to the vulnerable service. Successful exploitation of this vulnerability could result in creation ...
HP AutoPass License Server File Upload
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...
HP AutoPass License Server Detection
Binary data hpautopassdetect.nbin...
HP AutoPass License Server File Upload Exploit
Exploit for java platform in category remote exploits This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP AutoPass License Server File Upload', 'Description' = %q This module exploit...
HP AutoPass License Server File Upload
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP AutoPass License Server File Upload', 'Description' = %q This module exploits a code execution flaw in HP AutoPass License Server...
HP AutoPass License Server Remote Code Execution (HPSBMU03045)
The HP AutoPass License Server has a flaw in the 'CommunicationServlet' that allows a remote, unauthenticated attackers to place files at arbitrary locations on the system by utilizing a directory traversal string. A remote attacker could use this issue to execute arbitrary code with 'SYSTEM'...
HP AutoPass License Server - Arbitrary File Upload (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP AutoPass License Server File Upload', 'Description' = %q This module exploits a code execution flaw in HP AutoPass License Server...
HP AutoPass License Server File Upload
This module exploits a code execution flaw in HP AutoPass License Server. It abuses two weaknesses in order to get its objective. First, the AutoPass application doesn't enforce authentication in the CommunicationServlet component. Second, it's possible to abuse a directory traversal when uploadi...
Directory traversal
Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031...
CVE-2013-6221
The CVE-2013-6221 vulnerability affects HP Service Virtualization (3.x) with AutoPass License Server enabled. A directory traversal flaw in CommunicationServlet allows remote attackers to create arbitrary files and potentially execute arbitrary code via unspecified vectors. Public references docu...
HP Service Virtualization code execution
Code execution via AutoPass License Server...
[security bulletin] HPSBMU03045 rev.1 - HP Service Virtualization Running AutoPass License Server, Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04333125 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04333125 Version: 1 HPSBMU03045 rev....
Hewlett-Packard AutoPass License Server Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard AutoPass License Server. Authentication is not required to exploit this vulnerability. The flaw exists within the CommunicationServlet. The specific flaw is a directory traversal...