This Metasploit module exploits a directory traversal vulnerability on the version 5.2 of the BIMS component from the HP Intelligent Management Center. The vulnerability exists in the UploadServlet, allowing the user to download and upload arbitrary files. This Metasploit module has been tested successfully on HP Intelligent Management Center with BIMS 5.2 E0401 on Windows 2003 SP2.
259ed051cf78d79d3dc1060b81ae4b7df6b46139d8805a2a7c01408edc69946dHP Security Bulletin HPSBGN02929 - Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (BIMS). The vulnerabilities could be remotely exploited resulting in code execution and disclosure of information. Note: The vulnerability solutions have been implemented in the iMC BIMS software updates. In order to be interoperable with the iMC BIMS updated software, software updates are required for Comware Based Switches and Routers that use BIMS. The software update information for the Comware Based Switches and Routers is also included in the Resolution section below. Revision 1 of this advisory.
1a9b0267d979f31cf869ca2179651c1ca9f3ca5eca762a3f8e5b9cbf8682aaae
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed