HP Managed Printing Administration Multiple Vulnerabilities

Last Update Date: 28 Dec 2011 15:26 Release Date: 28 Dec 2011 4773 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities have been identified in HP Managed Printing Administration, which can be exploited by malicious people to compromise a vulnerable system.

  1. An input sanitisation error in the MPAUploader.Uploader.1.UploadFiles() function can be exploited to create arbitrary files via directory traversal sequences.
  2. A boundary error within MPAUploader.dll3 when parsing the "filename" parameter passed via Default.asp can be exploited to cause a stack-based buffer overflow via an overly long string.
  3. An input sanitisation error in jobDelivery\Default.asp can be exploited to create arbitrary files via directory traversal sequences.
  4. A vulnerability is caused due to an unspecified error. No further information is currently available.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
 

Impact

  • Remote Code Execution

System / Technologies affected

  • HP Managed Printing Administration prior to 2.6.4.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 2.6.4.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Phone Message Processing Denial of Service Vulnerability

28 Dec 2011 4502 Views

Next

GNU inetutils telnetd Buffer Overflow Vulnerability

28 Dec 2011 4784 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY