Web application abuses : HP OpenView Performance Insight Server 'doPost()' Remote Arbitrary Code Execution Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.103060

Categoría: Web application abuses

Título: HP OpenView Performance Insight Server 'doPost()' Remote Arbitrary Code Execution Vulnerability

Resumen: HP OpenView Performance Insight Server is prone to a remote; code-execution vulnerability.

Descripción: Summary:
HP OpenView Performance Insight Server is prone to a remote
code-execution vulnerability.

Vulnerability Impact:
An attacker can exploit this issue to execute arbitrary code with
SYSTEM-level privileges. Successful exploits will completely compromise affected computers.

Solution:
Updates are available. Please see the references for details.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0276
BugTraq ID: 46079
http://www.securityfocus.com/bid/46079
Bugtraq: 20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/516093/100/0/threaded
http://www.exploit-db.com/exploits/16984
HPdes Security Advisory: HPSBMA02627
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453
HPdes Security Advisory: SSRT090246
http://www.zerodayinitiative.com/advisories/ZDI-11-034
http://osvdb.org/70754
http://www.securitytracker.com/id?1025014
http://secunia.com/advisories/43145
http://securityreason.com/securityalert/8136
http://www.vupen.com/english/advisories/2011/0258
XForce ISS Database: openview-dopost-code-execution(65038)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65038

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.103060
Categoría:	Web application abuses
Título:	HP OpenView Performance Insight Server 'doPost()' Remote Arbitrary Code Execution Vulnerability
Resumen:	HP OpenView Performance Insight Server is prone to a remote; code-execution vulnerability.
Descripción:	Summary: HP OpenView Performance Insight Server is prone to a remote code-execution vulnerability. Vulnerability Impact: An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Solution: Updates are available. Please see the references for details. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0276 BugTraq ID: 46079 http://www.securityfocus.com/bid/46079 Bugtraq: 20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/516093/100/0/threaded http://www.exploit-db.com/exploits/16984 HPdes Security Advisory: HPSBMA02627 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453 HPdes Security Advisory: SSRT090246 http://www.zerodayinitiative.com/advisories/ZDI-11-034 http://osvdb.org/70754 http://www.securitytracker.com/id?1025014 http://secunia.com/advisories/43145 http://securityreason.com/securityalert/8136 http://www.vupen.com/english/advisories/2011/0258 XForce ISS Database: openview-dopost-code-execution(65038) https://exchange.xforce.ibmcloud.com/vulnerabilities/65038
Copyright	Copyright (C) 2011 Greenbone AG