SecuritySpace - CVE-2009-4188

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2009-4188

Description: HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-4188
BugTraq ID: 36258
http://www.securityfocus.com/bid/36258
http://www.intevydis.com/blog/?p=87

CVE ID:	CVE-2009-4188
Description:	HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4188 BugTraq ID: 36258 http://www.securityfocus.com/bid/36258 http://www.intevydis.com/blog/?p=87