8 matches found
HP SiteScope SOAP Call GetFileInternal Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP SiteScope SOAP Call getFileInternal Remote File Access', 'Description' = %q This module exploits an authentication bypass vulnerability in HP...
HP SiteScope issueSiebelCmd - Remote Code Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 Msf::Exploit::Remote Rank = GreatRanking HttpFingerprint = :pattern =...
HP SiteScope 'issueSiebelCmd' SOAP请求远程代码执行漏洞
BUGTRAQ ID: 63478 CVECAN ID: CVE-2013-4835 HP SiteScope是无代理监控软件,可维护其分布式IT基础架构的可用性和性能。 HP SiteScope 11.22之前版本在处理"issueSiebelCmd" SOAP请求的实现上存在安全漏洞,成功利用后可导致执行任意代码。 0 HP SiteScope 11.22 厂商补丁: HP -- HP已经为此发布了一个安全公告(HPSBMU02933)以及相应补丁: HPSBMU02933:HP SiteScope, issueSiebelCmd SOAP Request, Remote Code...
HP SiteScope issueSiebelCmd - Remote Code Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 /Apache-Coyote/ include REXML include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStagerVBS def...
HP SiteScope issueSiebelCmd Remote Code Execution
This module exploits a code execution flaw in HP SiteScope. The vulnerability exists in the APISiteScopeImpl web service, specifically in the issueSiebelCmd method, which allows the user to execute arbitrary commands without authentication. This module has been tested successfully on HP SiteScope...
CVE-2013-4835
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765...
CVE-2013-4835
The vulnerability CVE-2013-4835 affects HP SiteScope’s APISiteScopeImpl SOAP service. In HP SiteScope versions 10.1x and 11.x (before 11.22), the issueSiebelCmd method allows remote attackers to bypass authentication and execute arbitrary code via a direct request. This is a remote code execution...
HP SiteScope SOAP Call APISiteScopeImpl Multiple Information Disclosures
Two access control weaknesses have been reported in HP SiteScope...