CVE-2011-0276
CVE-2011-0276
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/16984unverifiedexploitdbwww.exploit-db.com/exploits/16984unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453http://osvdb.org/70754http://secunia.com/advisories/43145http://securityreason.com/securityalert/8136https://exchange.xforce.ibmcloud.com/vulnerabilities/65038http://www.exploit-db.com/exploits/16984http://www.securityfocus.com/archive/1/516093/100/0/threadedhttp://www.securityfocus.com/bid/46079http://www.securitytracker.com/id?1025014http://www.vupen.com/english/advisories/2011/0258http://www.zerodayinitiative.com/advisories/ZDI-11-034