Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:14974
HistoryNov 24, 2009 - 12:00 a.m.

HP Operations Manager 8.10 后门账号漏洞

2009-11-2400:00:00
Root
www.seebug.org
21

0.906 High

EPSS

Percentile

98.5%

JSON

BUGTRAQ ID: 37086
CVE ID: CVE-2009-3843

HP Operations Manager是用于协调IT基础架构中网络、最终用户体验事件的综合事件和性能管理控制台。

HP Operations Manager的Tomcat用户XML文件中存在隐藏的账号,恶意用户可以使用这个账号访问org.apache.catalina.manager.HTMLManagerServlet类,而这个servlet允许远程用户通过POST请求向/manager/html/upload上传文件。如果攻击者上传了恶意内容,之后就可以在服务器上访问并以SYSTEM用户权限执行任意代码。

HP Operations Manager 8.10
厂商补丁:

HP

HP已经为此发布了一个安全公告(HPSBMA02478)以及相应补丁:
HPSBMA02478:SSRT090251 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Access
链接:http://alerts.hp.com/r?2.1.3KT.2ZR.zWmfi.DtgsGC..T.Lt1_.2ODk.bW89MQ__DNLKFTH0

补丁下载:
http://support.openview.hp.com/selfsolve/patches

Related

saint 4
securityvulns 3
prion 2
attackerkb 1
cve 2
packetstorm 2
zdi 1
checkpoint_advisories 1
zdt 1
openvas 2
kitploit 3
saint
saint
HP Operations Manager hidden Tomcat account
2010-06-18 00:00:00
HP Operations Manager hidden Tomcat account
2010-06-18 00:00:00
HP Operations Manager hidden Tomcat account
2010-06-18 00:00:00
securityvulns
securityvulns
[security bulletin] HPSBMA02478 SSRT090251 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Access
2009-11-20 00:00:00
ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability
2009-11-23 00:00:00
HP Operations Manager backdoor account
2009-11-23 00:00:00
prion
prion
Unrestricted file upload
2009-11-24 00:30:00
Unrestricted file upload
2009-12-03 17:30:00
attackerkb
attackerkb
CVE-2009-3843
2009-11-24 00:00:00
cve
cve
CVE-2009-3843
2009-11-24 00:30:00
CVE-2009-4189
2009-12-03 17:30:00
packetstorm
packetstorm
Apache Tomcat Manager Application Deployer Upload and Execute
2010-02-19 00:00:00
Apache Tomcat Manager Code Execution
2014-02-01 00:00:00
zdi
zdi
Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability
2009-11-20 00:00:00
checkpoint_advisories
checkpoint_advisories
HP Operations Manager Server Unauthorized File Upload (CVE-2009-3548; CVE-2009-3843; CVE-2009-4189)
2009-12-30 00:00:00
zdt
zdt
Apache Tomcat Manager Code Execution Exploit
2014-02-04 00:00:00
openvas
openvas
Apache Tomcat Server Administration Default/Hardcoded Credentials (HTTP)
2015-04-10 00:00:00
Apache Tomcat Manager/Host Manager/Server Status Default/Hardcoded Credentials (HTTP)
2012-08-22 00:00:00
kitploit
kitploit
Sn1per v5.0 - Automated Pentest Recon Scanner
2018-07-05 13:45:00
Sn1per v6.0 - Automated Pentest Framework For Offensive Security Experts
2018-11-24 12:43:00
Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts
2019-05-12 13:09:00

0.906 High

EPSS

Percentile

98.5%

JSON
Related for SSV:14974
saint4securityvulns3prion2attackerkb1cve2packetstorm2zdi1checkpoint_advisories1zdt1openvas2kitploit3