Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.4
CVSSv2

CVE-2014-2630

Published: 12/08/2014 Updated: 29/08/2017
CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4
VMScore: 392
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Hp

Vulnerability Summary

Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

hp operations agent 11.0

Exploits

Exploit DB: HP Performance Monitoring xglance Privilege Escalation
This Metasploit module is an exploit that takes advantage of xglance-bin, part of HP's Glance (or Performance Monitoring) version 11 and subsequent, which was compiled with an insecure RPATH option The RPATH includes a relative path to -L/lib64/ which can be controlled by a user Creating libraries in this location will result in an escalation of ...
Exploit DB: xglance-bin Local Root Privilege Escalation
xglance-bin local root privilege escalation exploit that has been tested on Linux RHEL 7x/8x systems ...
Exploit DB: Compaq/Hewlett Packard Glance 11.00 Privilege Escalation
It has been identified that binaries that are executed with elevated privileges (SetGID and SetUID programs) in Compaq/HP's Glance for Linux have been compiled in manner that means they searched for libraries in insecure locations Versions 1100 and below are affected ...

Github Repositories

https://github.com/redtimmy/perf-exploiter

CVE-2014-2630 exploit for xglance-bin

perf-exploiter (CVE-2014-2630) In one of our recent penetration tests we have abused a vulnerability affecting a suid binary called "xglance-bin" Part of HP Performance Monitoring solution, it allowed us to escalate our local unprivileged sessions on some Linux RHEL 7x/8x systems to root To be very honest, it was not the first time we leveraged that specific vulne

References

NVD-CWE-noinfohttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04394554http://www.securitytracker.com/id/1030702http://secunia.com/advisories/60041https://exchange.xforce.ibmcloud.com/vulnerabilities/95181http://packetstormsecurity.com/files/156206/xglance-bin-Local-Root-Privilege-Escalation.htmlhttp://seclists.org/fulldisclosure/2020/Feb/1https://seclists.org/bugtraq/2020/Feb/7http://packetstormsecurity.com/files/157528/HP-Performance-Monitoring-xglance-Privilege-Escalation.htmlhttps://nvd.nist.govhttps://github.com/redtimmy/perf-exploiterhttps://packetstormsecurity.com/files/157528/HP-Performance-Monitoring-xglance-Privilege-Escalation.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook