GEN:SID | 1:2549 |
Message | MISC HP Web JetAdmin file write attempt |
Summary | This event is generated when an attempt is made to exploit a vulnerability associated with the web interface support for the HP JetAdmin printer.
|
Impact | A successful attack may allow a sensitive system file to be overwritten.
|
Detailed Information | HP Web JetAdmin provides a web interface for the administration of the HP Web JetAdmin printer. A vulnerability is present that allows an existing file on the server to be overwritten. The problem exists because the script /plugins/framework/script/tree.xms does not sanitize the value supplied to the WriteToFile parameter, which permits directory traversal from the web root directory to any file. The attacker also supplies the data that is written to the specified file.
|
Affected Systems | HP Web JetAdmin 7.2.
|
Attack Scenarios | An attacker can overwrite a sensitive system file by naming it in the WriteToFile parameter and supplying the data to write to it.
|
Ease of Attack | Simple.
|
Corrective Action | Upgrade to the latest non-affected version of the software or apply the appropriate patch when it becomes available.
|
Additional References | |
Rule References | bugtraq: 9973
|
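
The following is an added example, not part of the original rule documentation and not the Snort rule itself: a log-review check for the request described under Detailed Information. It assumes WriteToFile arrives as an ordinary query-string or form-encoded field; the function names, verdict labels and sample log lines are constructed for illustration.

```python
import posixpath
import re
from urllib.parse import parse_qsl, unquote, urlsplit

SCRIPT = "/plugins/framework/script/tree.xms"  # script named in the rule documentation
PARAM = "writetofile"                          # parameter named in the rule documentation
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is exposed."""
    for _ in range(rounds):
        once = unquote(value)
        if once == value:
            break
        value = once
    return value.replace("\\", "/")  # treat Windows separators like '/'

def classify(uri, body=""):
    """Return 'clean', 'write-param' or 'path-escape' for one request."""
    parts = urlsplit(uri)
    path = posixpath.normpath(decode(parts.path)).lower()
    if not path.endswith(SCRIPT):
        return "clean"
    verdict = "clean"
    for source in (parts.query, body):  # assumed layout: query string or form body
        for name, value in parse_qsl(source, keep_blank_values=True):
            if name.lower() != PARAM:
                continue
            target = decode(value)
            absolute = target.startswith("/") or target[1:3] == ":/"
            if absolute or ".." in target.split("/"):
                return "path-escape"  # target leaves the web root
            verdict = "write-param"
    return verdict

# Constructed access-log lines (combined log format, documentation addresses).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /plugins/framework/script/tree.xms?WriteToFile=report.txt HTTP/1.1" 200 90',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /plugins/framework/script/tree.xms?WriteToFile=%252e%252e%252fexample.txt HTTP/1.1" 200 90',
]

def scan(lines):
    """Return (line_number, verdict) for every log line that is not clean."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        verdict = classify(match.group(1)) if match else "clean"
        if verdict != "clean":
            hits.append((number, verdict))
    return hits
```

Access logs normally omit POST bodies, so `scan` only sees the request line; pass a captured body to `classify` directly when one is available.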