knowledge is security

Register | Login

Home Files News About Contact Add New

Showing 1 - 1 of 1

Files

Zero Day Initiative Advisory 09-085: Posted Nov 20, 2009; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 09-085 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Operations Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists due to a hidden account present within the Tomcat users XML file. Using this account a malicious user can access the org.apache.catalina.manager.HTMLManagerServlet class. This is defined within the catalina-manager.jar file installed with the product. This servlet allows a remote user to upload a file via a POST request to /manager/html/upload. If an attacker uploads malicious content it can then be accessed and executed on the server which leads to arbitrary code execution under the context of the SYSTEM user.; tags | advisory, remote, arbitrary, code execution; advisories | CVE-2009-3843; MD5 | 457fd4230dd9490ce104d8153f689e68; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 46 files
Ubuntu 31 files
the_cyber_nuxbie 27 files
Sony 24 files
Debian 24 files
Benjamin Kunz Mejri 16 files
Gentoo 16 files
Tipping Point 15 files
HP 15 files
KedAns-Dz 14 files

Recent News

Acta: Germany Delays Signing Anti-Piracy Agreement: Posted Feb 11, 2012; tags | headline, germany, mpaa, pirate; Link | Favorite | Comments (0)

Anonymous Says Attack Put CIA Website Offline: Posted Feb 11, 2012; tags | headline, denial of service, anonymous, cia; Link | Favorite | Comments (0)

Microsoft To Send Users 4 Critical Patches On Valentine's Day: Posted Feb 10, 2012; tags | headline, microsoft, flaw, patch; Link | Favorite | Comments (0)

Malware Devs Embrace Open Source: Posted Feb 10, 2012; tags | headline, malware, trojan; Link | Favorite | Comments (0)

Mobile Security Researchers Warn Of Evolving Android Malware: Posted Feb 10, 2012; tags | headline, malware, phone, google; Link | Favorite | Comments (0)

Security Patches Cost Google $410,000 In Finder's Fees: Posted Feb 10, 2012; tags | headline, flaw, google; Link | Favorite | Comments (0)

Google Wallet PIN Security Cracked In Seconds: Posted Feb 9, 2012; tags | headline, hacker, phone, google; Link | Favorite | Comments (0)

Airport Bomb Twitter Joker In Second Fine Appeal Bid: Posted Feb 9, 2012; tags | headline, government, twitter; Link | Favorite | Comments (0)

Chinese iPhone Maker Foxconn Hacked: Posted Feb 9, 2012; tags | headline, hacker, microsoft, phone, apple; Link | Favorite | Comments (0)

Anonymous Goes After Syria: Posted Feb 9, 2012; tags | headline, government, anonymous, syria; Link | Favorite | Comments (0)

View More News →

packet storm

© 2012 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Advertising: Become an Advertiser
Hosting By: Rokabear; Global Mirror List