Published: 19/06/2012 Updated: 26/06/2012

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote malicious users to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dell wyse device manager 4.7.1
dell wyse device manager 4.7.2
dell wyse device manager 4.7.0

require 'msf/core' class Metasploit3 < Msf::Auxiliary Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp include Msf::Auxiliary::Dos def initialize(info = {}) super(update_info(info, 'Name' => 'Wyse Machine Remote Power off (DOS)', 'Description' => %q{ This module exploits the Wyse Rapport Hagent ser ...

## # $Id: hagent_untrusted_hsdatarb 10998 2010-11-11 22:43:22Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'timeout' ...

CWE-287 http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0101.html http://www.wyse.com/serviceandsupport/Wyse%20Security%20Bulletin%20WSB09-01.pdf http://www.theregister.co.uk/2009/07/10/wyse_remote_exploit_bugs/http://www.exploit-db.com/exploits/19137/http://www.kb.cert.org/vuls/id/654545 https://nvd.nist.gov https://www.exploit-db.com/exploits/19137/https://www.kb.cert.org/vuls/id/654545

CVE-2009-0695

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect