CVE-2009-3843
published 2009-11-24CVE-2009-3843: HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct…
PriorityP277critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
78.97%
99.5th percentile
HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | operations_manager | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vv3v-4wj3-jrgv: HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote attackers to execute arbitrary code via a sess
ghsa_unreviewed·2022-05-02·CVSS 10.0
CVE-2009-4189 [CRITICAL] GHSA-vv3v-4wj3-jrgv: HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote attackers to execute arbitrary code via a sess
HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3099 and CVE-2009-3843.
GHSA
GHSA-vcf2-959x-5ggc: HP Operations Manager 8
ghsa_unreviewed·2022-05-02
CVE-2009-3843 [HIGH] GHSA-vcf2-959x-5ggc: HP Operations Manager 8
HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
No detection rules found.
Exploit-DB
Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit)
exploitdb·2010-12-14
CVE-2010-4094 Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit)
Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit)
---
##
# $Id: tomcat_mgr_deploy.rb 11330 2010-12-14 17:26:44Z egypt $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 [ /Apache.*(Coyote|Tomcat)/ ] }
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::EXE
def initialize(info = {})
super(update_info(info,
'Name' => 'Apache Tomcat Manager Application Deployer Authenticated Code Execution',
'Description' => %q{
This module can be used to execute a payload on Apache Tomcat servers that
have an
Metasploit
Apache Tomcat Manager Application Deployer Authenticated Code Execution
metasploit
Apache Tomcat Manager Application Deployer Authenticated Code Execution
Apache Tomcat Manager Application Deployer Authenticated Code Execution
This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/html/upload, but that method is not implemented in this module. NOTE: The compatible payload sets vary based on the selected target. For example, you must select the Windows target to use native Windows payloads.
Metasploit
Apache Tomcat Manager Authenticated Upload Code Execution
metasploit
Apache Tomcat Manager Authenticated Upload Code Execution
Apache Tomcat Manager Authenticated Upload Code Execution
This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets vary based on the selected target. For example, you must select the Windows target to use native Windows payloads.
Metasploit
Tomcat Application Manager Login Utility
metasploit
Tomcat Application Manager Login Utility
Tomcat Application Manager Login Utility
This module simply attempts to login to a Tomcat Application Manager instance using a specific user/pass.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=125873415424980&w=2http://secunia.com/advisories/37444http://securitytracker.com/id?1023222http://www.osvdb.org/60317http://www.zerodayinitiative.com/advisories/ZDI-09-085/https://exchange.xforce.ibmcloud.com/vulnerabilities/54361http://marc.info/?l=bugtraq&m=125873415424980&w=2http://secunia.com/advisories/37444http://securitytracker.com/id?1023222http://www.osvdb.org/60317http://www.zerodayinitiative.com/advisories/ZDI-09-085/https://exchange.xforce.ibmcloud.com/vulnerabilities/54361
2009-11-24
Published