HP Managed Printing Administration Multiple Remote Security Vulnerabilities
BID:51174
Info
| Bugtraq ID: | 51174 |
| Class: | Input Validation Error |
| CVE: | CVE-2011-4166 CVE-2011-4167 CVE-2011-4168 CVE-2011-4169 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 22 2011 12:00AM |
| Updated: | Jul 19 2013 05:53AM |
| Credit: | Andrea Micalizzi aka rgod |
| Vulnerable: | HP Managed Printing Administration 2.6.3 |
| Not Vulnerable: | HP Managed Printing Administration 2.6.4 |
Discussion
HP Managed Printing Administration is prone to multiple remote security vulnerabilities, including:
1. A remote code-execution vulnerability.
2. Multiple arbitrary file-deletion vulnerabilities.
3. Multiple arbitrary file-creation vulnerabilities.
4. Multiple directory-traversal vulnerabilities.
5. An SQL-injection vulnerability.
An attacker can exploit these issues to execute arbitrary code, create or delete arbitrary files, use directory-traversal strings to retrieve arbitrary files, access or modify data, or exploit latent vulnerabilities in the underlying database.
Versions prior to HP Managed Printing Administration 2.6.4 are vulnerable.
Exploit / POC
Attackers can use a browser to exploit these issues.
The following Metasploit module is available:
Solution / Fix
Solution:
Updates are available; please contact the vendor for more information.
References
References:
- HP Homepage (HP)
- HPSBPI02732 SSRT100435 rev.1 - HP Managed Printing Administration, Remote Execut (HP)
- ZDI-11-352: HP Managed Printing Administration jobAcct Multiple Vulnerabilities (TippingPoint Zero Day Initiative)
- ZDI-11-353: HP Managed Printing Administration MPAUploader.dll Remote Code Execu (TippingPoint Zero Day Initiative)
- ZDI-11-354: HP Managed Printing Administration jobDelivery Multiple Vulnerabilit (TippingPoint Zero Day Initiative)
- ZDI-12-001: HP Managed Printing Administration img_id Multiple Vulnerabilities (TippingPoint Zero Day Initiative)
- [security bulletin] HPSBPI02732 SSRT100435 rev.1 - HP Managed Printing Administr (security-alert)