Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:2548 |
Message | MISC HP Web JetAdmin setinfo access |
Summary | This event is generated when an attempt is made to exploit a vulnerability associated with the web interface support for the HP JetAdmin printer. |
Impact | A successful attack may allow unauthorized files to be read or the injection of a .hts script on a vulnerable server. |
Detailed Information | HP Web JetAdmin provides a web interface for the administration of the HP Web JetAdmin printer. A vulnerability exists that allows unauthorized files to be read or a .hts script to be executed. It is triggered when the /plugins/hpjdwm/script/test/setinfo.hts script is supplied a setinclude parameter value that names either a file outside the web root, which is then read, or a .hts file, which is then executed with system privileges on the vulnerable server. |
Affected Systems | HP Web JetAdmin 7.2. |
Attack Scenarios | An attacker can execute the vulnerable script and supply a value to setinclude indicating an unauthorized file to be read or a .hts file to be executed. |
Ease of Attack | Simple. |
Corrective Action | Upgrade to the latest non-affected version of the software or apply the appropriate patch when it becomes available. |
Additional References | |
Rule References | bugtraq: 9972, cve: 2004-1857, nessus: 12120 |
--
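For retrospective triage of web server logs against the behaviour described under Detailed Information, the following is an added example; it is not the Snort rule and not Aanval or HP code. It assumes combined-format access logs, and the sample entries, the verdict labels and the "outside the web root" heuristic are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Path and parameter named in the rule documentation above.
SETINFO_PATH = "/plugins/hpjdwm/script/test/setinfo.hts"
PARAM = "setinclude"
# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample entries; addresses and file names are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /plugins/hpjdwm/script/test/setinfo.hts HTTP/1.1" 200 128',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /plugins/hpjdwm/script/test/SetInfo.hts?setinclude=..%252f..%252fplaceholder.txt HTTP/1.0" 200 90',
    '192.0.2.13 - - [01/Jan/2024:10:00:12 +0000] "POST /plugins/hpjdwm/script/test/setinfo.hts?SetInclude=placeholder.hts HTTP/1.1" 200 64',
]


def fully_decode(value, rounds=3):
    """Percent-decode repeatedly, then normalise slashes and case."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/").lower()


def classify(line):
    """Return None, 'access', 'outside-webroot' or 'hts-include' for one log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    target = urlsplit(m.group(1))
    if fully_decode(target.path) != SETINFO_PATH:
        return None
    query = parse_qs(target.query, keep_blank_values=True)
    values = [fully_decode(v) for k, vs in query.items() if k.lower() == PARAM for v in vs]
    # Heuristic (assumption): a ".." segment, a leading "/" or a drive letter leaves the web root.
    if any(".." in v.split("/") or re.match(r"/|[a-z]:", v) for v in values):
        return "outside-webroot"
    if any(v.endswith(".hts") for v in values):
        return "hts-include"
    return "access"


def scan(lines):
    """Return (line index, verdict) for every entry that touches setinfo.hts."""
    return [(i, v) for i, v in ((i, classify(l)) for i, l in enumerate(lines)) if v]
```

A plain "access" verdict still merits review, since the script sits under a test directory and the rule itself fires on access to it.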