10 matches found
HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
[security bulletin] HPSBPV02918 rev.2 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03897409 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03897409 Version: 2 HPSBPV02918 rev....
HP ProCurve Manager SNAC UpdateCertificatesServlet Code Execution (CVE-2013-4812)
A remote code execution vulnerability has been reported in HP ProCurve Manager SNAC...
HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 /Apache-Coyote/ include...
CVE-2013-4812
creationtimestamp| type| source ---|---|--- 2013-09-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/28337 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hppcmsnacupdatecertificates.rb 2025-02-06...
CVE-2013-4812
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager PCM 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager IDM 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code vi...
DSquare Exploit Pack: D2SEC_HPPCM
Name| d2sechppcm ---|--- CVE| CVE-2013-4812 Exploit Pack| D2ExploitPack Description| HP PCM+ SNAC Registration Server Remote Code Execution Vulnerability Notes|...
HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
This module exploits a path traversal flaw in the HP ProCurve Manager SNAC Server. The vulnerability in the UpdateCertificatesServlet allows an attacker to upload arbitrary files, just having into account binary writes aren't allowed. Additionally, authentication can be bypassed in order to uploa...
CVE-2013-4812
CVE-2013-4812 covers a vulnerability in the HP ProCurve Manager SNAC UpdateCertificatesServlet (PCM/PCM+ 3.20/4.0, IDM 4.0) where the fileName argument is not properly validated, enabling remote attackers to upload JSP files and achieve arbitrary code execution via unspecified vectors (ZDI-CAN-17...
[security bulletin] HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03897409 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03897409 Version: 1 HPSBPV02918 rev....