← volver
CVE-2009-3843

CVE-2009-3843

EPSS 78.8%
HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/16317no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://marc.info/?l=bugtraq&m=125873415424980&w=2http://secunia.com/advisories/37444http://securitytracker.com/id?1023222https://exchange.xforce.ibmcloud.com/vulnerabilities/54361http://www.osvdb.org/60317http://www.zerodayinitiative.com/advisories/ZDI-09-085/