HP OpenView Performance Insight Server Backdoor Account Code Execution

$Id: hpopenviewinsightbackdoor.rb 11969 2011-03-15 21:56:11Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Authentication flaw

HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class...

CVE-2011-0276

HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class...

CVE-2011-0276

HP OpenView Performance Insight Server (OVPI) versions 5.2, 5.3, 5.31, 5.4, and 5.41 are affected by a remote code execution vulnerability due to a hidden account in the com.trinagy.security.XMLUserManager Java class. The vulnerability allows an attacker to trigger the doPost() method of com.trin...

HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Performance Insight Server. Authentication is not required to exploit this vulnerability. The specific vulnerability is due to a hidden account present within the...