Computer Security
[EN] securityvulns.ru no-pyccku


HP OpenView Performance Insight code execution
Published:11.03.2010
Source:
SecurityVulns ID:10682
Type:remote
Threat Level:
6/10
Description:It's possible to upload JSP page to server.
Affected:HP : Performance Insight 5.4
CVE:CVE-2010-0447 (The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.)
Original documentdocumentZDI, ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability (11.03.2010)
 documentHP, [security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands (11.03.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod