HP Integrated Lights-Out Information Disclosure (CVE-2013-4843)

Unspecified vulnerability in HP Integrated Lights-Out 4 iLO4 with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

EUVD-2013-4687

Malware in sbrugna...

HP ILO 4 1.00-2.50 Authentication Bypass Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP iLO 4 1.00-2.50 Authentication Bypass Administrator Account Creation', 'Description' = %q This module exploits an authentication bypass in HP...

CVE-2013-4843

Unspecified vulnerability in HP Integrated Lights-Out 4 iLO4 with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors...

CVE-2013-4842

Cross-site scripting XSS vulnerability in HP Integrated Lights-Out 4 iLO4 with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in HP Integrated Lights-Out 4 iLO4 with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Code injection

Unspecified vulnerability in HP Integrated Lights-Out 4 iLO4 with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors...

[security bulletin] HPSBHF02939 rev.1 - HP Integrated Lights-Out 4 (iLO4), Remote Cross Site Scripting (XSS), Unauthorized Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03996804 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03996804 Version: 1 HPSBHF02939 rev....

Authentication flaw

Unspecified vulnerability in HP Integrated Lights-Out 3 aka iLO3 firmware before 1.60 and 4 aka iLO4 firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors...

Code injection

Unspecified vulnerability on HP Integrated Lights-Out 3 aka iLO3 cards with firmware before 1.57 and 4 aka iLO4 cards with firmware before 1.22, when Single-Sign-On SSO is used, allows remote attackers to execute arbitrary code via unknown vectors...