Lucene search
AgixZDI-13-204HistoryAug 13, 2013 - 12:00 a.m.
Hewlett-Packard System Management iprange Parameter Remote Code Execution Vulnerability
2013-08-1300:00:00
agix
www.zerodayinitiative.com
21
EPSS
0.577
Percentile
97.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP System Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the iprange parameter when passed to /proxy/DataValidation in an HTTP request. Overflowing this parameter with data will cause a stack buffer overflow. An attacker can exploit this condition to gain remote code execution as SYSTEM.
Related
checkpoint_advisories
checkpoint_advisories
HP System Management Homepage iprange Stack Buffer Overflow (CVE-2013-2362)
2013-10-27 00:00:00
nvd
nvd
CVE-2013-2362
2013-07-22 11:19:36
prion
prion
Code injection
2013-07-22 11:19:00
saint
saint
HP System Management Homepage iprange Parameter Stack Buffer Overflow
2013-09-09 00:00:00
HP System Management Homepage iprange Parameter Stack Buffer Overflow
2013-09-09 00:00:00
HP System Management Homepage iprange Parameter Stack Buffer Overflow
2013-09-09 00:00:00
cvelist
cvelist
CVE-2013-2362
2022-10-03 16:15:00
cve
cve
CVE-2013-2362
2022-10-03 16:15:00
securityvulns
securityvulns
[security bulletin] HPSBMU02900 rev.2 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities
2013-07-19 00:00:00
[security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities
2013-10-02 00:00:00
HP System Management Homepage multiple security vulnerabilities
2013-10-02 00:00:00
openvas
openvas
nessus
nessus
HP System Management Homepage < 7.2.1.0 Multiple Vulnerabilities (BEAST)
2013-07-23 00:00:00