19 matches found
HP-VSA-Remote-Execution
HP VSA / SANiQ Hydra client Nicolas Grégoire [email protected] v0.5 HOST = '192.168.201.11' The remote host PORT = 13838 The hydra port import getopt import re import sys import binascii import struct import socket import os ''' ================================== Define functions...
HP StorageWorks P4000 Virtual SAN Appliance Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
HP LeftHand Virtual SAN Appliance hydra Ping Hostname Overflow
Added: 09/19/2013 CVE: CVE-2012-3285 BID: 57754 OSVDB: 89919 Background HP LeftHand Virtual SAN Appliance VSA software is a VMware certified SAN/storage device and virtual appliance that provides complete SAN functionality for VMware Infrastructure without external SAN hardware. Problem HP LeftHa...
HP StorageWorks P4000 Virtual SAN Appliance - Login Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "HP StorageWorks...
Hewlett-Packard LeftHand Virtual SAN Appliance Hydra Login Remote Command Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the hydra service, specifically with the LHNSessionManager component. This...
HP LeftHand Virtual SAN Appliance hydra Diag Processing Buffer Overflow (CVE-2012-3283)
A heap buffer overflow vulnerability exists in HP LeftHand Virtual SAN Appliance. The vulnerability is due to insufficient input validation on parameters of a Diag request sent to the hydra service which listens by default on port 13838/TCP. A remote attacker can exploit this vulnerability by...
Hewlett-Packard LeftHand Virtual SAN Appliance Hydra Ping Hostname Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the hydra service, specifically with the LHNModParam component. This process...
Hewlett-Packard LeftHand Virtual SAN Appliance Hydra SNMP Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the hydra service, specifically within snmp.module!OnSet. This process listen...
Hewlett-Packard LeftHand Virtual SAN Appliance Hydra Set Disk Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the hydra service, specifically with the hel.module component. This process...
HP SAN/iQ Virtual SAN Appliance Multiple Parameters Command Execution Vulnerabilities
HP SAN/iQ Virtual SAN Appliance is prone to multiple command execution vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Hardcoded credentials
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838...
CVE-2012-4362
CVE-2012-4362 : Affects HP SAN/iQ Virtual SAN Appliance (HP SAN/iQ) before version 9.5. The component hydra.exe uses a hardcoded password, L0CAlu53R, for the global$agent account, enabling remote attackers to obtain access to the management service via a login to TCP port 13838. This description ...
CVE-2012-4362
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838...
HP StorageWorks P4000 Virtual SAN Appliance Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "HP StorageWorks...
HP StorageWorks P4000 Virtual SAN Appliance Command Execution
Exploit for hardware platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
HP StorageWorks P4000 Virtual SAN Appliance Command Execution
This module exploits a vulnerability found in HP's StorageWorks P4000 VSA on versions prior to 9.5. By using a default account credential, it is possible to inject arbitrary commands as part of a ping request via port 13838. This module requires Metasploit: https://metasploit.com/download Current...
HP VSA - Remote Command Execution
HP VSA - Remote Command Execution !/usr/bin/python ''' ================================== Pseudo documentation ================================== ''' HP VSA / SANiQ Hydra client Nicolas Grégoire v0.5 ''' ================================== Target information ================================== '''...
ZDI-11-111: (0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability
ZDI-11-111: 0Day Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-111 March 23, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packa...
(0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Virtual SAN appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the hydra.exe component which listens by default on port 13838. When...