var-201412-0023
Vulnerability from variot
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation. HP Device Manager is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve arbitrary files from the affected system in the context of the application.Information obtained could aid in further attacks. HP Device Manager 4.7 and prior versions are vulnerable. Ipswitch WhatsUp Gold is a set of unified infrastructure and application monitoring software from Ipswitch in the United States. The software supports the performance management of networks, servers, virtual environments and applications. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
TITLE: Ipswitch TFTP Server Directory Traversal Vulnerability
SECUNIA ADVISORY ID: SA47025
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47025/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47025
RELEASE DATE: 2011-12-02
DISCUSS ADVISORY: http://secunia.com/advisories/47025/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47025/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47025
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Prabhu S Angadi has discovered a vulnerability in Ipswitch TFTP Server, which can be exploited by malicious people to disclose sensitive information.
SOLUTION: Restrict network access to the service.
PROVIDED AND/OR DISCOVERED BY: Prabhu S Angadi, SecPod Research.
ORIGINAL ADVISORY: http://secpod.org/blog/?p=424
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20565.www2.hp.com/hpsc/doc/public/display?docId=3Demr_na-c05054714
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05054714 Version: 1
HPSBGN3547 rev.1 - HP Device Manager, Remote Read Access to Arbitrary Files NOTICE: The information in this Security Bulletin should be acted upon as s= oon as possible.
Release Date: 2016-03-21 Last Updated: 2016-03-21
Potential Security Impact: Remote read access to arbitrary files.
References:
- CVE-2011-4722
- PSR-2015-0273
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Device Manager 4.7 and all previous releases, including major releases, minor releases, and service packs
*ONLY impacted versions are listed.
BACKGROUND
For a PGP signed version of this security bulletin please write to: security-alert@hp.com
CVSS 2.0 Base Metrics =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D Reference Base Vector Base Scor= e CVE-2011-4722 (AV:N/AC:L/Au:N/C:C/I:N/A:N) 7.8 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D Information on CVSS is documented in HP Customer Notice: HPSN2008002. Open File Explorer and go to the directory \HP Device Manager\Gateway\PxeServer.
-
Right click the file PXEService.exe and select Menu Item Properties.
-
Select the Details tab and check if File version or Product version has= any version information.
-
If there is no version information, the PXEService.exe file includes th= e vulnerability CVE-2011-4722 as mentioned above.
HP has made the following product updates available for the impacted produc= ts.
To fix this vulnerability, choose ONE of the following resolution methods:
-
Resolution 1 - Upgrade HP Device Manager to version 4.7 Service Pack 1 = or higher. In these versions, the vulnerability has been fixed.
-
Download PXEService.zip from ftp://ftp.hp.com/pub/hpdm/Patches/ CVE-2011-4722/PXEService.zip to a temporary folder.
-
Unzip PXEService.zip to get the PXEService.exe file.
-
Go to Windows Control Panel > Administrative Tools > Services.
-
Stop the HPDM PXEService service, if this service has started.
-
Open File Explorer and go to the directory \HP Dev= ice Manager\Gateway\PxeServer.
-
Copy the decompressed PXEService.exe file to this folder to overwri= te the old PXEService.exe file.
-
Start the " HPDM PXEService" in Windows Services.
-
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current se= cure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determ= ine the applicability of this information to their individual situations and ta= ke appropriate action. HP does not warrant that this information is necessaril= y accurate or complete for all user situations and, consequently, HP will not= be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranti= es of merchantability and fitness for a particular purpose, title and non-infringement."
REVISION HISTORY
Version:1 (rev.1) 21 March 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues abou= t the content of this Security Bulletin, send e?mail to hp?security?alert@hp.= com
Report: To report a potential security vulnerability with any HP supported product, send email to: hp?security?alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulleti= n alerts via Email: http://support.hp.com/us/en/subscribe/ Security Bulletin Archive: A list of recently released Security Bulletins i= s available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ secBullArchive
Software Product Category: The Software Product Category is represented in = the title by the two characters following HPSB.
PI =3D HP Printing and Imaging HF =3D HP Hardware and Firmware ST =3D HP Storage Software GN =3D HP General Software
Support: For further information, contact normal HP Services support channe= l.
Report: To report a potential security vulnerability with any HP supported product, send Email to: hp-security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted usi= ng PGP, especially exploit information.
To get the security?alert PGP key, please send an e?mail message as follows= : To: hp?security?alert@hp.com Subject: get key
Copyright 2016 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial erro= rs or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or= its affiliates, subcontractors or suppliers will be liable for incidental,speci= al or consequential damages including downtime cost; lost profits;damages rela= ting to the procurement of substitute products or services; or damages for loss = of data, or software restoration. The information in this document is subject = to change without notice. Hewlett-Packard Company and the names of Hewlett-Pac= kard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentione= d herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCAAGBQJW/q1QAAoJEPRuzn0I+N3ZzuUP/jvrxRZ8wyGyaY62b2N6feeF b4OdDn5pkPH0qEiWtx7VePzjTH352CQmfY5RIX6mGdgjzWs53NS1yNb/zdUWoUDD zUMkQ6MyIW/6hUbBgDSXwcMtshv5TZouUrFsm5hdn1MSG9Z95CZ4Uw7dTjaRXGEC pvkqkIZT6ykKH/XCzbLnRkEIGTFZHVHflJ/5hX2Cr0UQOF1UZ+RmNZ2qjQkz5pRI hf2+kPTx1pgniT8k6PjpceYHYSpflRJeX3/JwTL8Q5Ln4du71bB1QNcsh9LudbXb 4HL4dEI7/VcInOHiCg3OYLP84vxFYx+bIBV/Z0cZJnZyzdIfoQHYBMlaMUJVwShI jt/rqwoK75rWVWWKQ09LhBUJfSu0ab3fpoeB1GOIKh49+w/MkWEAOlLvhbmH0pCy 6Ttpih9tm102/WM9FuRrTi7dXkGwwb0/mfs2NMcy8fRVO1aWB7tpGL4ckiaKwcjB HX/GJLkmVdN8nIKF3LEXD6RuPCSivVdQm+Skx7BM27gx+YMzHVgpMZ0gUE2h6tWe 3Add+KplBHFsKvBC/gC+6VIMJ2iuYfrim5/EgCA6bZiuGo8z74wJmma1uRHtdmnr vOfddkY7ERWgcDm01POhMGjZbxtPQhWJOGiegY4q0Q+2FWzppbYDMXt1UsKDcTKo JjjM2H/sAC1YCl8D4WPk =3D5cnm -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tftp server",
"scope": "eq",
"trust": 2.7,
"vendor": "ipswitch",
"version": "1.0.0.24"
}
],
"sources": [
{
"db": "BID",
"id": "78379"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-579"
},
{
"db": "NVD",
"id": "CVE-2011-4722"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:tftp_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thomas Sundell, Uppsala University",
"sources": [
{
"db": "BID",
"id": "85783"
}
],
"trust": 0.3
},
"cve": "CVE-2011-4722",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-4722",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-52667",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-4722",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-4722",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-579",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-52667",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52667"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-579"
},
{
"db": "NVD",
"id": "CVE-2011-4722"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation. HP Device Manager is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. \nRemote attackers may use a specially crafted request with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files from the affected system in the context of the application.Information obtained could aid in further attacks. \nHP Device Manager 4.7 and prior versions are vulnerable. Ipswitch WhatsUp Gold is a set of unified infrastructure and application monitoring software from Ipswitch in the United States. The software supports the performance management of networks, servers, virtual environments and applications. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nIpswitch TFTP Server Directory Traversal Vulnerability\n\nSECUNIA ADVISORY ID:\nSA47025\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47025/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47025\n\nRELEASE DATE:\n2011-12-02\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47025/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47025/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47025\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nPrabhu S Angadi has discovered a vulnerability in Ipswitch TFTP\nServer, which can be exploited by malicious people to disclose\nsensitive information. \n\nSOLUTION:\nRestrict network access to the service. \n\nPROVIDED AND/OR DISCOVERED BY:\nPrabhu S Angadi, SecPod Research. \n\nORIGINAL ADVISORY:\nhttp://secpod.org/blog/?p=424\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20565.www2.hp.com/hpsc/doc/public/display?docId=3Demr_na-c05054714\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05054714\nVersion: 1\n\nHPSBGN3547 rev.1 - HP Device Manager, Remote Read Access to Arbitrary Files\nNOTICE: The information in this Security Bulletin should be acted upon as s=\noon\nas possible. \n\nRelease Date: 2016-03-21\nLast Updated: 2016-03-21\n\nPotential Security Impact: Remote read access to arbitrary files. \n\nReferences:\n\n * CVE-2011-4722\n * PSR-2015-0273\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP Device Manager 4.7 and all previous releases, including major releases,\nminor releases, and service packs\n\n*ONLY impacted versions are listed. \n\nBACKGROUND\n\nFor a PGP signed version of this security bulletin please write to:\nsecurity-alert@hp.com\n\nCVSS 2.0 Base Metrics\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D\n Reference Base Vector Base Scor=\ne\nCVE-2011-4722 (AV:N/AC:L/Au:N/C:C/I:N/A:N) 7.8\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=\n=3D=3D=3D=3D=3D\nInformation on CVSS is documented in HP Customer Notice: HPSN2008002. Open File Explorer and go to the directory \u003cHPDMInstallPath\u003e\\HP Device\n Manager\\Gateway\\PxeServer. \n\n 2. Right click the file PXEService.exe and select Menu Item Properties. \n\n 3. Select the Details tab and check if File version or Product version has=\n any\n version information. \n\n 4. If there is no version information, the PXEService.exe file includes th=\ne\n vulnerability CVE-2011-4722 as mentioned above. \n\nHP has made the following product updates available for the impacted produc=\nts. \n\nTo fix this vulnerability, choose ONE of the following resolution methods:\n\n * Resolution 1 - Upgrade HP Device Manager to version 4.7 Service Pack 1 =\nor\n higher. In these versions, the vulnerability has been fixed. \n\n 1. Download PXEService.zip from ftp://ftp.hp.com/pub/hpdm/Patches/\n CVE-2011-4722/PXEService.zip to a temporary folder. \n\n 2. Unzip PXEService.zip to get the PXEService.exe file. \n\n 3. Go to Windows Control Panel \u003e Administrative Tools \u003e Services. \n\n 4. Stop the HPDM PXEService service, if this service has started. \n\n 5. Open File Explorer and go to the directory \u003cHPDMInstallPath\u003e\\HP Dev=\nice\n Manager\\Gateway\\PxeServer. \n\n 6. Copy the decompressed PXEService.exe file to this folder to overwri=\nte\n the old PXEService.exe file. \n\n 7. Start the \" HPDM PXEService\" in Windows Services. \n\nSystem management and security procedures must be reviewed frequently to\nmaintain system integrity. HP is continually reviewing and enhancing the\nsecurity features of software products to provide customers with current se=\ncure\nsolutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the\nattention of users of the affected HP products the important security\ninformation contained in this Bulletin. HP recommends that all users determ=\nine\nthe applicability of this information to their individual situations and ta=\nke\nappropriate action. HP does not warrant that this information is necessaril=\ny\naccurate or complete for all user situations and, consequently, HP will not=\n be\nresponsible for any damages resulting from user\u0027s use or disregard of the\ninformation provided in this Bulletin. To the extent permitted by law, HP\ndisclaims all warranties, either express or implied, including the warranti=\nes\nof merchantability and fitness for a particular purpose, title and\nnon-infringement.\"\n\nREVISION HISTORY\n\nVersion:1 (rev.1) 21 March 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues abou=\nt\nthe content of this Security Bulletin, send e?mail to hp?security?alert@hp.=\ncom\n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send email to: hp?security?alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulleti=\nn\nalerts via Email: http://support.hp.com/us/en/subscribe/\nSecurity Bulletin Archive: A list of recently released Security Bulletins i=\ns\navailable here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/\nsecBullArchive\n\nSoftware Product Category: The Software Product Category is represented in =\nthe\ntitle by the two characters following HPSB. \n\nPI =3D HP Printing and Imaging\nHF =3D HP Hardware and Firmware\nST =3D HP Storage Software\nGN =3D HP General Software\n\nSupport: For further information, contact normal HP Services support channe=\nl. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: hp-security-alert@hp.com It is strongly recommended\nthat security related information being communicated to HP be encrypted usi=\nng\nPGP, especially exploit information. \n\nTo get the security?alert PGP key, please send an e?mail message as follows=\n:\nTo: hp?security?alert@hp.com\nSubject: get key\n\nCopyright 2016 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial erro=\nrs\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or=\n its\naffiliates, subcontractors or suppliers will be liable for incidental,speci=\nal\nor consequential damages including downtime cost; lost profits;damages rela=\nting\nto the procurement of substitute products or services; or damages for loss =\nof\ndata, or software restoration. The information in this document is subject =\nto\nchange without notice. Hewlett-Packard Company and the names of Hewlett-Pac=\nkard\nproducts referenced herein are trademarks of Hewlett-Packard Company in the\nUnited States and other countries. Other product and company names mentione=\nd\nherein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2\n\niQIcBAEBCAAGBQJW/q1QAAoJEPRuzn0I+N3ZzuUP/jvrxRZ8wyGyaY62b2N6feeF\nb4OdDn5pkPH0qEiWtx7VePzjTH352CQmfY5RIX6mGdgjzWs53NS1yNb/zdUWoUDD\nzUMkQ6MyIW/6hUbBgDSXwcMtshv5TZouUrFsm5hdn1MSG9Z95CZ4Uw7dTjaRXGEC\npvkqkIZT6ykKH/XCzbLnRkEIGTFZHVHflJ/5hX2Cr0UQOF1UZ+RmNZ2qjQkz5pRI\nhf2+kPTx1pgniT8k6PjpceYHYSpflRJeX3/JwTL8Q5Ln4du71bB1QNcsh9LudbXb\n4HL4dEI7/VcInOHiCg3OYLP84vxFYx+bIBV/Z0cZJnZyzdIfoQHYBMlaMUJVwShI\njt/rqwoK75rWVWWKQ09LhBUJfSu0ab3fpoeB1GOIKh49+w/MkWEAOlLvhbmH0pCy\n6Ttpih9tm102/WM9FuRrTi7dXkGwwb0/mfs2NMcy8fRVO1aWB7tpGL4ckiaKwcjB\nHX/GJLkmVdN8nIKF3LEXD6RuPCSivVdQm+Skx7BM27gx+YMzHVgpMZ0gUE2h6tWe\n3Add+KplBHFsKvBC/gC+6VIMJ2iuYfrim5/EgCA6bZiuGo8z74wJmma1uRHtdmnr\nvOfddkY7ERWgcDm01POhMGjZbxtPQhWJOGiegY4q0Q+2FWzppbYDMXt1UsKDcTKo\nJjjM2H/sAC1YCl8D4WPk\n=3D5cnm\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4722"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
},
{
"db": "BID",
"id": "85783"
},
{
"db": "BID",
"id": "78379"
},
{
"db": "VULHUB",
"id": "VHN-52667"
},
{
"db": "PACKETSTORM",
"id": "107476"
},
{
"db": "PACKETSTORM",
"id": "136522"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-52667",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52667"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4722",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "18189",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1026368",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "47025",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "77455",
"trust": 1.7
},
{
"db": "XF",
"id": "71610",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005355",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-579",
"trust": 0.7
},
{
"db": "BID",
"id": "85783",
"trust": 0.4
},
{
"db": "BID",
"id": "78379",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "136522",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-72382",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-52667",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "107476",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52667"
},
{
"db": "BID",
"id": "85783"
},
{
"db": "BID",
"id": "78379"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
},
{
"db": "PACKETSTORM",
"id": "107476"
},
{
"db": "PACKETSTORM",
"id": "136522"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-579"
},
{
"db": "NVD",
"id": "CVE-2011-4722"
}
]
},
"id": "VAR-201412-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-52667"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:35:03.312000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Managing the TFTP server",
"trust": 0.8,
"url": "http://docs.ipswitch.com/NM/85_WhatsUp%20Gold%20v14.2/03_Help/index.htm?26957.htm?toc.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52667"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
},
{
"db": "NVD",
"id": "CVE-2011-4722"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://secpod.org/blog/?p=424"
},
{
"trust": 2.0,
"url": "http://www.exploit-db.com/exploits/18189/"
},
{
"trust": 2.0,
"url": "http://securitytracker.com/id?1026368"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/77455"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/47025"
},
{
"trust": 1.4,
"url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c05054714"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71610"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/xfdb/71610"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4722"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4722"
},
{
"trust": 0.3,
"url": "http://www.hp.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47025/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47025/"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47025"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4722"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docid=3demr_na-c05054714"
},
{
"trust": 0.1,
"url": "http://support.hp.com/us/en/subscribe/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52667"
},
{
"db": "BID",
"id": "85783"
},
{
"db": "BID",
"id": "78379"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
},
{
"db": "PACKETSTORM",
"id": "107476"
},
{
"db": "PACKETSTORM",
"id": "136522"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-579"
},
{
"db": "NVD",
"id": "CVE-2011-4722"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-52667"
},
{
"db": "BID",
"id": "85783"
},
{
"db": "BID",
"id": "78379"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
},
{
"db": "PACKETSTORM",
"id": "107476"
},
{
"db": "PACKETSTORM",
"id": "136522"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-579"
},
{
"db": "NVD",
"id": "CVE-2011-4722"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-52667"
},
{
"date": "2016-03-21T00:00:00",
"db": "BID",
"id": "85783"
},
{
"date": "2014-12-27T00:00:00",
"db": "BID",
"id": "78379"
},
{
"date": "2015-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005355"
},
{
"date": "2011-12-02T04:32:11",
"db": "PACKETSTORM",
"id": "107476"
},
{
"date": "2016-04-04T16:44:49",
"db": "PACKETSTORM",
"id": "136522"
},
{
"date": "2014-12-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-579"
},
{
"date": "2014-12-28T02:59:00.047000",
"db": "NVD",
"id": "CVE-2011-4722"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-52667"
},
{
"date": "2016-03-21T00:00:00",
"db": "BID",
"id": "85783"
},
{
"date": "2014-12-27T00:00:00",
"db": "BID",
"id": "78379"
},
{
"date": "2015-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005355"
},
{
"date": "2015-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-579"
},
{
"date": "2017-08-29T01:30:32.880000",
"db": "NVD",
"id": "CVE-2011-4722"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136522"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-579"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch WhatsUp Gold of TFTP Server traversal vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005355"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "85783"
},
{
"db": "BID",
"id": "78379"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.