23 matches found
EUVD-2012-0729
Malware in sbrugna...
EUVD-2012-3970
Malware in sbrugna...
CVE-2012-4026
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 aka the upload port, a different vulnerability than CVE-2012-2607...
CVE-2012-4026
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 aka the upload port, a different vulnerability than CVE-2012-2607...
Code injection
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 aka the upload port, a different vulnerability than CVE-2012-2607...
CVE-2012-4026
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 aka the upload port, a different vulnerability than CVE-2012-2607...
CVE-2012-4026
CVE-2012-4026 affects the Johnson Controls Pegasys P2000 server prior to version 3.11. The vulnerability allows remote attackers to trigger false alerts by sending crafted packets to TCP port 41013 (the upload port). The public description specifies the flaw as enabling false alerts via the uploa...
Johnson Controls CK721-A and P2000 remote command execution vulnerability
Overview Johnson Controls CK721-A and P2000 products contain a remote command execution vulnerability which may allow an unauthenticated remote attacker to perform various tasks against the devices. Description The "download" port tcp/41014 on the CK721-A device is vulnerable to remote command...
HP StorageWorks P2000 G3 directory traversal vulnerability
Overview HP StorageWorks P2000 G3 contains a directory traversal vulnerability which may allow a remote, unauthenticated attacker to obtain sensitive information. Description HP StorageWorks P2000 G3 contains an embedded webserver which is vulnerable to a directory traversal vulnerability which m...
HP StorageWorks P2000 security vulnerabilities
Default account, directory traversal...
ZDI-12-015 : (0Day) HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-015 : 0Day HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-12-015 January 12, 2012 - -- CVE ID: CVE-2011-4788 - -- CVSS: 9, AV:N/AC:L/Au:N/C:C/I:P/A:P - -- Affecte...
CVE-2012-0697
HP StorageWorks P2000 G3 MSA array systems have a default account, which makes it easier for remote attackers to perform administrative tasks via unspecified vectors, a different vulnerability than CVE-2011-4788...
Path traversal
Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI...
Design/Logic Flaw
HP StorageWorks P2000 G3 MSA array systems have a default account, which makes it easier for remote attackers to perform administrative tasks via unspecified vectors, a different vulnerability than CVE-2011-4788...
CVE-2012-0697
HP StorageWorks P2000 G3 MSA array systems have a default account, which makes it easier for remote attackers to perform administrative tasks via unspecified vectors, a different vulnerability than CVE-2011-4788...
CVE-2011-4788
CVE-2011-4788 is an absolute path traversal vulnerability in the web interface of HP StorageWorks P2000 G3 MSA array systems. The issue allows a remote attacker to read arbitrary files by supplying a pathname in the URI. Connected sources confirm impact on HP P2000 G3 MSA devices and identify the...
CVE-2012-0697
Affected product: HP StorageWorks P2000 G3 MSA Array Systems. CVE-2012-0697 covers a vulnerability where a default account enables a remote attacker to perform administrative tasks via unspecified vectors (directory traversal/remote access context) as described in ZDI-12-015 and HP security bulle...
CVE-2011-4788
Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI...
(0Day) HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP MSA 2000 G3. Authentication is not required to exploit this vulnerability. The specific flaws exists within the web interface listening on TCP port 80. There exists a directory traversal flaw th...
HP StorageWorks MSA P2000 Hidden 'admin' User Default Credentials
The remote device appears to be a HP StorageWorks MSA P2000 series. There is a hidden, undocumented account named 'admin' secured with a default password of '!admin'. A remote attacker can exploit this to gain privileged access to the management interface. TRUSTED...