A vulnerability has been identified in HP Linux Imaging and Printing System (HPLIP), which could be exploited by remote attackers to install an agent with root privileges. This issue is caused by input validation errors in the hpssd daemon that does not validate user-supplied data before being passed to a "popen3()" call, which could be exploited by malicious users to inject and execute arbitrary commands.
A vulnerability has been identified in HP Linux Imaging and Printing System (HPLIP), which could be exploited by local attackers to obtain elevated privileges. This issue is caused by input validation errors in the hpssd daemon that does not validate user-supplied data before being passed to a "popen3()" call, which could be exploited by malicious users to inject and execute arbitrary commands.
This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the IctDownloadServlet component, an attacker can retrieve arbitrary files.
This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the FaultDownloadServlet component, an attacker can retrieve arbitrary files.
This module exploits a stack buffer overflow in HP Intelligent Management Center's uam.exe service which listens on port UDP/1811. The vulnerability is due to lack of validation of a string passed to sprintf.
This module exploits a remote code execution vulnerability in HP Intelligent Management Center by using the "mibFileUpload" servlet to upload an arbitrary .JSP file.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing HP iNode Management Center. A remote user can send specially crafted data to TCP port 9090 to trigger a stack overflow and execute arbitrary code on the target system.
This module exploits a remote code execution vulnerability in HP Data Protector by sending a specially crafted EXEC_BAR request.
This module exploits a remote buffer overflow in the OmniInet.exe service included in the HP Data Protector application by sending a malformed packet.
This module exploits a remote stack-based buffer overflow vulnerability in HP Data Protector, by sending a malformed message with opcode 0x330 to the port 3817/TCP, which will trigger a buffer overflow. Authentication is not required to exploit this vulnerability.