CVE-2012-4361

lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter...

CVE-2012-2986

lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the 1 first, 2 third, or 3 fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361...

CVE-2012-4362

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838...

EUVD-2012-4305

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838...

HP B-series SAN Network Advisor Installed (Linux)

Binary data hpb-seriessannetworkadvisorlinuxinstalled.nbin...

HP SAN/iQ Virtual SAN Appliance Multiple Parameters Command Execution Vulnerabilities

HP SAN/iQ Virtual SAN Appliance is prone to multiple command execution vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

HP SAN/iQ Virtual SAN Appliance Second Parameter Command Execution Vulnerability

HP SAN/iQ Virtual SAN Appliance is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

HP SAN/iQ <= 10.0 Root Shell Command Injection

The version of SAN/iQ running on the remote host has a command injection vulnerability. The hydra service, used for remote management and configuration, does not properly sanitize untrusted input. A remote attacker could exploit this to execute arbitrary commands as root. Authentication is...

Code injection

lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter...

Code injection

lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the 1 first, 2 third, or 3 fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361...

Hardcoded credentials

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838...

CVE-2012-2986

lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the 1 first, 2 third, or 3 fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361...

CVE-2012-4361

lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter...

CVE-2012-4362

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838...

CVE-2012-4362

CVE-2012-4362 : Affects HP SAN/iQ Virtual SAN Appliance (HP SAN/iQ) before version 9.5. The component hydra.exe uses a hardcoded password, L0CAlu53R, for the global$agent account, enabling remote attackers to obtain access to the management service via a login to TCP port 13838. This description ...

HP SAN/iQ < 9.5 Root Shell Command Injection

The version of SAN/iQ running on the remote host has a command injection vulnerability. The hydra service, used for remote management and configuration, does not properly sanitize untrusted input. A remote attacker could exploit this to execute arbitrary commands as root. Authentication is...

Stack overflow

Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request...

CVE-2011-4157

Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request...

CVE-2011-4157

Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request...