5 matches found
CVE-2009-4000
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter...
Secunia Research: HP Power Manager "formExportDataLogs" Directory Traversal
====================================================================== Secunia Research 20/01/2009 - HP Power Manager "formExportDataLogs" Directory Traversal - ====================================================================== Table of Contents Affected...
HP Power Manager < 4.2.10
The installed version of HP Power Manager is less than 4.2.10, and as such has the following vulnerabilities : - Adequate bounds checking is not performed on the 'Login' parameter of the login page, which could lead to a buffer overflow. A remote, unauthenticated attacker could exploit this to...
CVE-2009-4000
HP Power Manager vulnerable to a directory traversal issue in goform/formExportDataLogs (fileName parameter) that allows remote attackers to overwrite arbitrary files and potentially execute arbitrary code. Affected software: HP Power Manager versions before 4.2.10. Root cause: input validation e...
[security bulletin] HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01971741 Version: 1 HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible...