HP System Event Utility Local Privilege Escalation

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HP-SYSTEM-EVENT-UTILITY-LOCAL-PRIVILEGE-ESCALATION.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.hp.com Product HP System Event Utility The genuine HPMSGSVC.exe...

HPE iLO 4 < 2.53 - Add New Administrator User

!/usr/bin/env python """ Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP: https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769enus Other...

HP Operations Manager 8.16 - srcvw4.dll LoadFile()SaveFile() Remote Unicode Stack Overflow (PoC)

HP Operations Manager 8.16 - srcvw4.dll LoadFileSaveFile Remote Unicode Stack Overflow PoC !-- |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// //...

HP Data Protector OmniInet.exe MSG_PROTOCOL Command RCE

According to its version and build number, the HP Data Protector application running on the remote host is affected by a stack-based buffer overflow condition in the backup client service daemon OmniInet.exe. An unauthenticated, remote attacker can exploit this, via an MSGPROTOCOL command with lo...