8 lines
No EOL
683 B
Text
8 lines
No EOL
683 B
Text
source: https://www.securityfocus.com/bid/13414/info
|
|
|
|
A remote command execution vulnerability affects HP OpenView Radia Management Portal. This issue is due to a failure of the application to properly secure access to critical functionality. This is due to a directory traversal issue that will permit a remote user to execute any program on the affected computer.
|
|
|
|
An unauthenticated, remote attacker may leverage this issue to execute arbitrary commands on an affected computer with Local System privileges on the Microsoft Windows platform and elevated privileges on UNIX-based platforms.
|
|
|
|
bash$ printf "\x00\x00\x00../../windows/system32/whoami.exe\x00" | nc -v
|
|
xx.xx.xx.xx 1065 |