HP Managed Printing Administration < 2.6.4 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 6113

Synopsis

The remote web server is hosting an application that is vulnerable to multiple attack vectors.

Description

The remote web server is hosting HP Managed Printing Administration, a printer management application.

Versions of HP Managed Printing Administration earlier than 2.6.4 are potentially affected by multiple vulnerabilities:

- Null injection and directory traversal can be used in the form data passed to MPAUploader.Uploader.1.UploadFiles() to remotely create arbitrary files. (CVE-2011-4166)

- An extended-length string can be passed into scripts within the management website and ultimately to MPAUploader.dll, which could be exploited to execute arbitrary code. (CVE-2011-4167)

- Null injection and directory traversal can be used in the form data passed to \Inetpub\wwwroot\hpmpa\jobDelivery\Default.asp to remotely create arbitrary files. (CVE-2011-4168)

Solution

Upgrade to HP Managed Printing Administration 2.6.4 or later.

See Also

http://www.zerodayinitiative.com/advisories/ZDI-11-352

http://www.zerodayinitiative.com/advisories/ZDI-11-353

http://www.zerodayinitiative.com/advisories/ZDI-11-354

Plugin Details

Severity: High

ID: 6113

Family: CGI

Published: 12/27/2011

Updated: 3/6/2019

Nessus ID: 57700, 57701

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C

CVSS v3

Risk Factor: High

Base Score: 8.6

Temporal Score: 8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:hp:managed_printing_administration

Patch Publication Date: 12/22/2011

Vulnerability Publication Date: 12/22/2011

Exploitable With

Metasploit (HP Managed Printing Administration jobAcct Remote Command Execution)

Reference Information

CVE: CVE-2011-4166, CVE-2011-4167, CVE-2011-4168, CVE-2011-4169

BID: 51174