| GEN:SID | 1:2549 |
| Message | MISC HP Web JetAdmin file write attempt |
| Summary | This event is generated when an attempt is made to exploit a vulnerability associated with the web interface support for the HP JetAdmin printer. |
| Impact | A successful attack may allow a sensitive system file to be overwritten. |
| Detailed Information | HP Web JetAdmin provides a web interface for the administration of the HP Web JetAdmin printer. A vulnerability is present that allows an existing file on the server to be overwritten. This problem exists because the script /plugins/framework/script/tree.xms does not sanitize the value supplied to the WriteToFile parameter, which permits directory traversal from the web root directory to any file. The attacker also supplies the data that is written to the specified file. |
| Affected Systems | HP Web JetAdmin 7.2. |
| Attack Scenarios | An attacker can overwrite a sensitive system file using the WriteToFile parameter and supplying the data to write to the file. |
| Ease of Attack | Simple. |
| Corrective Action | Upgrade to the latest non-affected version of the software or apply the appropriate patch when it becomes available. |
| Additional References | |
| Rule References | bugtraq: 9973 |
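For retrospective hunting in web server or proxy logs, the check below looks for the condition described under Detailed Information: a request to /plugins/framework/script/tree.xms carrying a WriteToFile parameter, with traversal or absolute-path values ranked higher. It is an added example, not the Snort rule's own logic; the function names, verdict labels and sample requests are constructed for illustration.

```python
import posixpath
import re
from urllib.parse import urlsplit, parse_qsl, unquote

SCRIPT = "/plugins/framework/script/tree.xms"  # script named in this rule's documentation
PARAM = "writetofile"                          # parameter named in this rule's documentation

def _fully_decode(value, rounds=3):
    """Undo nested percent-encoding (e.g. %252e) up to a fixed depth."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(target, body=""):
    """Return None, 'write' or 'traversal' for a request target and optional form body."""
    parts = urlsplit(target)
    # Normalise the path so encoded characters, backslashes and '//' do not hide the script.
    path = posixpath.normpath(_fully_decode(parts.path).replace("\\", "/")).lower()
    if not path.endswith(SCRIPT):
        return None
    verdict = None
    for raw in (parts.query, body):  # the parameter may arrive in the URL or a POST body
        for name, value in parse_qsl(raw, keep_blank_values=True):
            if name.lower() != PARAM:
                continue
            value = _fully_decode(value).replace("\\", "/")
            if (".." in value.split("/") or value.startswith("/")
                    or re.match(r"[a-zA-Z]:", value)):
                return "traversal"  # value leaves the web root
            verdict = "write"       # parameter present, no traversal seen
    return verdict

# Constructed sample request targets (not taken from real traffic).
SAMPLES = [
    "/plugins/framework/script/tree.xms?obj=Tree",
    "/plugins/framework/script/tree.xms?WriteToFile=report.txt",
    "/plugins/framework/script/tree.xms?writetofile=..%2f..%2fconstructed.txt",
    "/plugins/framework/script/tree.xms?WriteToFile=%252e%252e%255cconstructed.txt",
    "/index.html?WriteToFile=../constructed.txt",
]

if __name__ == "__main__":
    for target in SAMPLES:
        print(f"{classify(target)!s:10} {target}")
```

On a host running the affected version, a 'write' verdict is worth reviewing as well as 'traversal', since the rule itself fires on the file write attempt.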