Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в HP Managed Printing Administration
дополнено с 26 декабря 2011 г.
Опубликовано:9 января 2012 г.
Источник:
SecurityVulns ID:12115
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера, несанкционированный доступ к файлам, обратный путь в каталогах.
CVE:CVE-2011-4169 (Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.)
 CVE-2011-4168 (Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.)
 CVE-2011-4167 (Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp.)
 CVE-2011-4166 (Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.)
Оригинальный текстdocumentHP, [security bulletin] HPSBPI02732 SSRT100435 rev.1 - HP Managed Printing Administration, Remote Execution of Arbitrary Code and Other Vulnerabilities (09.01.2012)
 documentZDI, ZDI-12-001 : HP Managed Printing Administration img_id Multiple Vulnerabilities (09.01.2012)
 documentZDI, ZDI-11-354 : HP Managed Printing Administration jobDelivery Multiple Vulnerabilities (26.12.2011)
 documentZDI, ZDI-11-353 : HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability (26.12.2011)
 documentZDI, ZDI-11-352 : HP Managed Printing Administration jobAcct Multiple Vulnerabilities (26.12.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород