HP Application Lifestyle Management 'GetInstalledPackages' Local Privilege Escalation Vulnerability
BID:50982
Info
HP Application Lifestyle Management 'GetInstalledPackages' Local Privilege Escalation Vulnerability
| Bugtraq ID: | 50982 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2011-4834 |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 08 2011 12:00AM |
| Updated: | Dec 16 2011 06:18PM |
| Credit: | 0a29406d9794e4f9b30b3c5d6702c708 |
| Vulnerable: |
HP Application Lifestyle Management 11 |
| Not Vulnerable: | |
Discussion
HP Application Lifestyle Management 'GetInstalledPackages' Local Privilege Escalation Vulnerability
HP Application Lifestyle Management is prone to a local privilege-escalation vulnerability.
Local attackers can exploit this issue to execute arbitrary code with elevated privileges.
HP Application Lifestyle Management is prone to a local privilege-escalation vulnerability.
Local attackers can exploit this issue to execute arbitrary code with elevated privileges.
Exploit / POC
HP Application Lifestyle Management 'GetInstalledPackages' Local Privilege Escalation Vulnerability
The following exploit is available:
The following exploit is available:
Solution / Fix
HP Application Lifestyle Management 'GetInstalledPackages' Local Privilege Escalation Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
HP Application Lifestyle Management 'GetInstalledPackages' Local Privilege Escalation Vulnerability
References:
References:
- HP Homepage (HP)
- 0A29-11-2 : Privilege escalation vulnerability in HP Application Lifestyle Manag (Full Disclosure)