HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/9973/info Reportedly HP web Jetadmin is prone to a remote arbitrary command execution vulnerability. This issue is due to a failure of the application to properly validate and sanitize user supplied input. Successful exploitation of this issue will allow ...

HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution

HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/9973/info Reportedly HP web Jetadmin is prone to a remote arbitrary command execution vulnerability. This issue is due to a failure of the application to properly validate and sanitize user supplied...

HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload

HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload source: https://www.securityfocus.com/bid/9971/info HP Web Jetadmin is prone to an issue which may permit remote users to upload arbitrary files to the management server. This issue exists in the printer firmware upda...

HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal

source: https://www.securityfocus.com/bid/9972/info It has been reported that HP Web JetAdmin may be prone to a directory traversal vulnerability allowing remote attackers to access information outside the server root directory. The problem exists due to insufficient sanitization of user-supplied...

hpjadmadv.txt

Product: HP Web JetAdmin Version 7.5.2546 Others that use this codebase assumed vulnerable Note: Only tested on the Windows Platform. Vulnerability: Denial of Service, Upload Any file to the filesystem to a known location, Write to any file on the file system, Read any file from the filesystem...

HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal

HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal source: https://www.securityfocus.com/bid/9972/info It has been reported that HP Web JetAdmin may be prone to a directory traversal vulnerability allowing remote attackers to access information outside the server root directory. Th...

CVE-1999-1433

HP JetAdmin D.01.09 on Solaris is affected by a local privilege escalation via a symlink attack on /tmp/jetadmin.log, allowing a local user to change file permissions. The root cause is a race/symlink vulnerability in the handling of the log file, enabling arbitrary file permission changes. Publi...

CVE-1999-1433

HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file...

CVE-2001-1039

The CVE describes a vulnerability in the JetAdmin web interface for HP JetDirect where the telnet interface password is not set after the admin password is changed. This allows remote attackers to gain access to the printer over the network (attack vector: network, low complexity). The available ...

CVE-2001-1039

The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer...

CVE-2000-0443

The CVE-2000-0443 entry concerns the HP Web JetAdmin 5.6 web interface server, which is vulnerable to a directory traversal (.. attack) allowing remote attackers to read arbitrary files. The core issue is a failure to sanitize path inputs in the web interface, enabling access to files outside the...

CVE-2000-0443

The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. dot dot attack...

CVE-2000-0444

HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000...

CVE-2000-0444

HP Web JetAdmin 6.0 is affected. The vulnerability is a remote denial-of-service caused by a malformed URL targeting port 8000. Root cause described as malformed URL handling; no additional exploit details or affected versions beyond the 6.0 release are provided in the documents. No remediation o...

HP Web JetAdmin Version 6.0 Remote DoS attack Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP Web JetAdmin Version 6.0 Remote DoS attack Vulnerability USSR Advisory Code: USSR-2000042 Release Date: May 24, 2000 Affected Software Versions HP Web JetAdmin Version 6.0 Microsoft Windows 2000 HP Web JetAdmin Version 6.0 Microsoft Windows NT 4.0 ...

HP Web JetAdmin Version 5.6 Web interface Server Directory Traversal Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP Web JetAdmin Version 5.6 Web interface Server Directory Traversal Vulnerability USSR Advisory Code: USSR-2000041 Release Date: May 24, 2000 Affected Software Versions HP Web JetAdmin Version 5.6 Microsoft Windows 2000 HP Web JetAdmin Version 5.6...

CVE-2000-0444

HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000...

CVE-2000-0443

The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. dot dot attack...

HP JetAdmin 5.5.177jetadmin 5.6 - Directory Traversal

HP JetAdmin 5.5.177jetadmin 5.6 - Directory Traversal source: https://www.securityfocus.com/bid/1243/info By default JetAdmin Web Interface Server listens on port 8000. By requesting a specially formed URL which includes "../" it is possible for a remote user to gain read-access to any files...

HP JetAdmin 5.5.177/jetadmin 5.6 - Directory Traversal

source: https://www.securityfocus.com/bid/1243/info By default JetAdmin Web Interface Server listens on port 8000. By requesting a specially formed URL which includes "../" it is possible for a remote user to gain read-access to any files outside of the web-published directory...