CVE-2013-6221
CVE-2013-6221
Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.
Productos afectados
n/a · n/aPoCs públicas encontradas — 3
cve_referencepacketstormsecurity.com/files/127247/HP-AutoPass-License-Server-File-Upload.htmlno verificadocve_referencewww.exploit-db.com/exploits/33891no verificadoexploitdbwww.exploit-db.com/exploits/33891no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://packetstormsecurity.com/files/127247/HP-AutoPass-License-Server-File-Upload.htmlhttps://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_autopass_license_traversal.rbhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04333125http://www.exploit-db.com/exploits/33891http://www.osvdb.org/107943http://www.securitytracker.com/id/1030385http://zerodayinitiative.com/advisories/ZDI-14-195/