Published: 20/08/2012 Updated: 21/08/2012

CVSS v2 Base Score: 7.7 | Impact Score: 10 | Exploitability Score: 5.1

VMScore: 780

Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C

lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp san\\/iq 9.5

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking ...

#!/usr/bin/python ''' ================================== Pseudo documentation ================================== ''' # HP VSA / SANiQ Hydra client # Nicolas Grégoire <nicolasgregoire@agarrifr> # v05 ''' ================================== Target information ================================== ''' HOST = '192168201 ...

CWE-78 http://www.kb.cert.org/vuls/id/441363 https://nvd.nist.gov https://www.exploit-db.com/exploits/18901/https://www.kb.cert.org/vuls/id/441363

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2986

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect