Back to search
CVE-2011-0276
Published: Feb 2, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
70754
vdb-entry
x_refsource_OSVDB
http://www.zerodayinitiative.com/advisories/ZDI-11-034
x_refsource_MISC
SSRT090246
vendor-advisory
x_refsource_HP
20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability
mailing-list
x_refsource_BUGTRAQ
HPSBMA02627
vendor-advisory
x_refsource_HP
8136
third-party-advisory
x_refsource_SREASON
16984
exploit
x_refsource_EXPLOIT-DB
1025014
vdb-entry
x_refsource_SECTRACK
openview-dopost-code-execution(65038)
vdb-entry
x_refsource_XF
43145
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0258
vdb-entry
x_refsource_VUPEN
46079
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now