| Name | HP.Power.Manager.FormExportDataLogs.Directory.Traversal |
| Release Date | Mar 16, 2010 |
| Severity | High |
| Impact | System Compromise |
| Description | This indicates an attack attempt against a directory traversal vulnerability in HP Power Manager.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP request. It allows a remote attacker to inject and execute arbitrary code. |
| Affected Products | HP Power Manager 4.2.9
HP Power Manager 4.2.7
HP Power Manager 4.0Build11
HP Power Manager 4.0Build10
HP Power Manager 0 |
| Recommended Actions | Update to the latest version:
http://h18000.www1.hp.com/products/servers/proliantstorage/power-protection/software/power-manager/index.html |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-4000
|
| Reference/s | http://www.securityfocus.com/bid/37873 (BugTraq)
|