Skip to main content

HP Managed Printing Administration Multiple Vulnerabilities

Last Update Date: 28 Dec 2011 15:26 Release Date: 28 Dec 2011 5551 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities have been identified in HP Managed Printing Administration, which can be exploited by malicious people to compromise a vulnerable system.

  1. An input sanitisation error in the MPAUploader.Uploader.1.UploadFiles() function can be exploited to create arbitrary files via directory traversal sequences.
  2. A boundary error within MPAUploader.dll3 when parsing the "filename" parameter passed via Default.asp can be exploited to cause a stack-based buffer overflow via an overly long string.
  3. An input sanitisation error in jobDelivery\Default.asp can be exploited to create arbitrary files via directory traversal sequences.
  4. A vulnerability is caused due to an unspecified error. No further information is currently available.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
 


Impact

  • Remote Code Execution

System / Technologies affected

  • HP Managed Printing Administration prior to 2.6.4.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 2.6.4.

Vulnerability Identifier


Source


Related Link