CVE-2009-4188
published 2009-12-03CVE-2009-4188: HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session…
PriorityP274critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
69.49%
99.3th percentile
HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.
Detection & IOCsextracted from sources · hover to see the quote
- →Detect authentication attempts using the default credential pair j2deployer:j2deployer against the HP Operations Dashboard Tomcat manager interface ↗
- →Monitor for file upload requests (POST) to the /manager servlet in Tomcat, especially from accounts with the manager role, as exploitation involves unrestricted file upload via this endpoint ↗
- →Alert on remote code execution attempts leveraging the j2deployer account session against HP Operations Dashboard 2.1 on Windows ↗
- ·The default password 'j2deployer' for the j2deployer account must be changed immediately upon deployment; failure to do so exposes the Tomcat manager servlet to unauthenticated remote attackers ↗
- ·This vulnerability may overlap with CVE-2009-3098; operators should assess both CVEs when evaluating exposure ↗
- ·HP Operations Dashboard 2.1 for Windows is confirmed vulnerable; other versions may also be affected and should be evaluated ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit)
exploitdb·2010-12-14
CVE-2010-4094 Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit)
Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit)
---
##
# $Id: tomcat_mgr_deploy.rb 11330 2010-12-14 17:26:44Z egypt $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 [ /Apache.*(Coyote|Tomcat)/ ] }
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::EXE
def initialize(info = {})
super(update_info(info,
'Name' => 'Apache Tomcat Manager Application Deployer Authenticated Code Execution',
'Description' => %q{
This module can be used to execute a payload on Apache Tomcat servers that
have an
Exploit-DB
HP Operations Dashboard 2.1 - Portal Default Manager Account Remote Security
exploitdb·2009-09-03
CVE-2009-4188 HP Operations Dashboard 2.1 - Portal Default Manager Account Remote Security
HP Operations Dashboard 2.1 - Portal Default Manager Account Remote Security
---
source: https://www.securityfocus.com/bid/36258/info
HP Operations Dashboard is prone to a remote security vulnerability.
Operations Dashboard 2.1 for Windows is vulnerable; other versions may also be vulnerable.
Attackers can exploit this issue using readily available tools. The following authentication credentials are available:
j2deployer:j2deployer
Metasploit
Apache Tomcat Manager Application Deployer Authenticated Code Execution
metasploit
Apache Tomcat Manager Application Deployer Authenticated Code Execution
Apache Tomcat Manager Application Deployer Authenticated Code Execution
This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/html/upload, but that method is not implemented in this module. NOTE: The compatible payload sets vary based on the selected target. For example, you must select the Windows target to use native Windows payloads.
Metasploit
Apache Tomcat Manager Authenticated Upload Code Execution
metasploit
Apache Tomcat Manager Authenticated Upload Code Execution
Apache Tomcat Manager Authenticated Upload Code Execution
This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets vary based on the selected target. For example, you must select the Windows target to use native Windows payloads.
Metasploit
Tomcat Application Manager Login Utility
metasploit
Tomcat Application Manager Login Utility
Tomcat Application Manager Login Utility
This module simply attempts to login to a Tomcat Application Manager instance using a specific user/pass.
No writeups or analysis indexed.
2009-12-03
Published