88 matches found
CVE-2004-1856
CVE-2004-1856 affects HP Web JetAdmin 7.5.2546; the vulnerability is in devices_update_printer_fw_upload.hts, where, with no password configured, an attacker can remotely upload arbitrary files to the printer directory. This is a remote code/file upload issue that could lead to unauthorized modif...
CVE-2004-1858
HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service crash via a malformed request, possibly due to a stricmp error from an invalid use of the "$" character...
[security bulletin] SSRT4739 rev.0 HP WebJetadmin arbitrary command execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBPI01078 REVISION: 0 SSRT4739 rev.0 HP Web Jetadmin arbitrary command execution ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin provided that...
HP Web JetAdmin <=7.0 Multiple Vulnerabilities (XSS, Code Exe, DoS, more)
The remote HP Web Jetadmin is vulnerable to multiple exploits. This includes, but is not limited to, full remote administrative access. An attacker can execute code remotely with SYSTEM level or root privileges by invoking the ExecuteFile function. To further exacerbate this issue, there is worki...
HP Web JetAdmin 6.5 (connectedNodes.ovpl) Remote Root Exploit
Exploit for hardware platform in category remote exploits ============================================================= HP Web JetAdmin 6.5 connectedNodes.ovpl Remote Root Exploit ============================================================= !/usr/bin/perl use IO::Socket; This is an exploit for H...
JetRoot_pl.txt
!/usr/bin/perl use IO::Socket; This is an exploit for HP Web JetAdmin, the printer management server from HP. It is NOT about printers! The service usually runs on port 8000 on Windows, Solaris or Linux boxes. Greetz: The Phenoelit People, c-base crew, EEyE rock!, Halvar on the other side of the...
HP Web JetAdmin 6.5 - connectedNodes.ovpl Remote Code Execution
HP Web JetAdmin 6.5 - connectedNodes.ovpl Remote Code Execution !/usr/bin/perl use IO::Socket; This is an exploit for HP Web JetAdmin, the printer management server from HP. It is NOT about printers! The service usually runs on port 8000 on Windows, Solaris or Linux boxes. Greetz: The Phenoelit...
HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution
!/usr/bin/perl use IO::Socket; This is an exploit for HP Web JetAdmin, the printer management server from HP. It is NOT about printers! The service usually runs on port 8000 on Windows, Solaris or Linux boxes. Greetz: The Phenoelit People, c-base crew, EEyE rock!, Halvar on the other side of the...
Multiple vulnerabilities and Easter Eggs in HP Web JetAdmin
Unauthorized access, weak encryption, priviledge escalation...
Re: HP Web JetAdmin vulnerabilities.
Just a few more for HP Web JetAdmin 6.5 - I'm tired of waiting for HP and since the current version is way past 6.5, there is no point in hiding it any more : ---SNIP--- Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 ++-+ Title Multiple vulnerabilities in HP Web JetAdmin Authors FX...
HP Web JetAdmin setinfo.hts setinclude Parameter Traversal Arbitrary File Access
The remote HP Web JetAdmin suffers from a number of vulnerabilities. The current running version is vulnerable to a directory traversal attack via the setinfo.hts script. A remote attacker could exploit this flaw to access arbitrary files on the host. %NASLMINLEVEL 70300 This script was written b...
HP Web JetAdmin vulnerabilities.
lo all: http://sh0dan.org/files/hpjadmadv.txt Fear the vi formatting. Product: HP Web JetAdmin Version 7.5.2546 Others that use this codebase assumed vulnerable Note: Only tested on the Windows Platform. Vulnerability: Denial of Service, Upload Any file to the filesystem to a known location, Writ...
CVE-2004-1856
devicesupdateprinterfwupload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory...
CVE-2004-1857
Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. dot dot in the setinclude parameter...
HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution
HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/9973/info Reportedly HP web Jetadmin is prone to a remote arbitrary command execution vulnerability. This issue is due to a failure of the application to properly validate and sanitize user supplied...
HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/9973/info Reportedly HP web Jetadmin is prone to a remote arbitrary command execution vulnerability. This issue is due to a failure of the application to properly validate and sanitize user supplied input. Successful exploitation of this issue will allow ...
HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload
HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload source: https://www.securityfocus.com/bid/9971/info HP Web Jetadmin is prone to an issue which may permit remote users to upload arbitrary files to the management server. This issue exists in the printer firmware upda...
hpjadmadv.txt
Product: HP Web JetAdmin Version 7.5.2546 Others that use this codebase assumed vulnerable Note: Only tested on the Windows Platform. Vulnerability: Denial of Service, Upload Any file to the filesystem to a known location, Write to any file on the file system, Read any file from the filesystem...
HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal
HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal source: https://www.securityfocus.com/bid/9972/info It has been reported that HP Web JetAdmin may be prone to a directory traversal vulnerability allowing remote attackers to access information outside the server root directory. Th...
HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal
source: https://www.securityfocus.com/bid/9972/info It has been reported that HP Web JetAdmin may be prone to a directory traversal vulnerability allowing remote attackers to access information outside the server root directory. The problem exists due to insufficient sanitization of user-supplied...