Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> General >> HP Jet Admin 6.5 or less Vulnerability


Vulnerability Assessment Details

HP Jet Admin 6.5 or less Vulnerability

Vulnerability Assessment Summary
HP JetAdmin 6.5 or less vulnerability

Detailed Explanation for this Vulnerability Assessment

The remote HP Web Jetadmin is vulnerable to multiple exploits. This includes,
but is not limited to, full remote administrative access. A possible hacker
can execute code remotely with SYSTEM level (or root) rights by invoking
the ExecuteFile function. To further exacerbate this issue, there is working
exploit code for multiple vulnerabilities within this product.

See also :
http://www.phenoelit.de/stuff/HP_Web_Jetadmin_advisory.txt
http://xforce.iss.net/xforce/xfdb/15989

Solution: The issues are resolved in HP Web Jetadmin version 7.5

Network Security Threat Level: High

Networks Security ID: 9973, 10224

Vulnerability Assessment Copyright: facq

Cables, Connectors

IBM x3650 M3 7944-AC1 2x Intel X5690 6 Core 3.47GHz 8 Bay Rackmount 1U Server
$298.0
IBM x3650 M3 7944-AC1 2x Intel X5690 6 Core 3.47GHz 8 Bay Rackmount 1U Server pictureIBM SYSTEM X3650 M4 2.5 SERVER E5-2667 2.90GHZ 32GB 7 X 146GB 15K SAS M5110E
$2959.0
IBM SYSTEM X3650 M4 2.5 SERVER E5-2667 2.90GHZ 32GB 7 X 146GB 15K SAS M5110E pictureIBM HS22V BLADECENTER SERVER TWO E5620 2.40GHZ 24GB NO HDD
$629.0
IBM HS22V BLADECENTER SERVER TWO E5620 2.40GHZ 24GB NO HDD pictureIBM 49Y7949 Broadcom NetXtreme II Quad Port PCI-e Ethernet Server Adapter
$25.0
IBM 49Y7949 Broadcom NetXtreme II Quad Port PCI-e Ethernet Server Adapter picture


Discussions

No Discussions have been posted on this vulnerability.