HP Managed Printing Administration Multiple Vulnerabilities
Last Update Date:
28 Dec 2011 15:26
Release Date:
28 Dec 2011
5551
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in HP Managed Printing Administration, which can be exploited by malicious people to compromise a vulnerable system.
- An input sanitisation error in the MPAUploader.Uploader.1.UploadFiles() function can be exploited to create arbitrary files via directory traversal sequences.
- A boundary error within MPAUploader.dll3 when parsing the "filename" parameter passed via Default.asp can be exploited to cause a stack-based buffer overflow via an overly long string.
- An input sanitisation error in jobDelivery\Default.asp can be exploited to create arbitrary files via directory traversal sequences.
- A vulnerability is caused due to an unspecified error. No further information is currently available.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Impact
- Remote Code Execution
System / Technologies affected
- HP Managed Printing Administration prior to 2.6.4.
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 2.6.4.
Vulnerability Identifier
Source
Related Link
Share with