Detections
Analytics
HP Power Manager < 4.2.10 Multiple Vulnerabilities
critical Nessus Network Monitor Plugin ID 5324
Synopsis
The power management application installed on the remote host is vulnerable to multiple attack vectors.Description
The installed version of HP Power Manager is earlier than 4.2.10. Such versions are potentially affected by the following vulnerabilities :- Adequate bounds checking is not performed on the 'Login' parameter of the login page, which could lead to a buffer overflow. A remote unauthenticated attacker could exploit this to execute arbitrary code as SYSTEM. (CVE-2009-2685)
- Adequate bounds checking is not performed on the 'fileName' or 'LogType' parameter of 'formExportDataLogs', which could lead to a buffer overflow. A remote authenticated attacker could exploit this to execute arbitrary code as SYSTEM. (CVE-2009-3999)
- The 'filename' parameter of 'formExportDataLogs' has a directory traversal vulnerability. A remote authenticated attacker could exploit this to overwrite arbitrary files with almost arbitrary data. This could result in a denial of service, or arbitrary code execution as SYSTEM. (CVE-2009-4900)
Solution
Upgrade to HP Power Manager 4.2.10 or later.See Also
http://www.zerodayinitiative.com/advisories/ZDI-09-081
http://secunia.com/secunia_research/2009-47
http://www.nessus.org/u?5d601101
Plugin Details
Severity: Critical
ID: 5324
Family: CGI
Published: 1/22/2010
Updated: 3/6/2019
Nessus ID: 44109
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:hp:power_manager
Patch Publication Date: 1/19/2010
Vulnerability Publication Date: 11/5/2009
Exploitable With
CANVAS (D2ExploitPack)
Core Impact
Metasploit (Hewlett-Packard Power Manager Administration Buffer Overflow)