VYPR

Jetadmin

by Microfocus

CVEs (11)

  • CVE-2004-1857Mar 24, 2004
    risk 0.10cvss epss 0.87

    Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter.

  • CVE-2004-1856Mar 24, 2004
    risk 0.05cvss epss 0.30

    devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory.

  • CVE-2000-0444May 24, 2000
    risk 0.04cvss epss 0.08

    HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000.

  • CVE-2000-0443May 24, 2000
    risk 0.04cvss epss 0.10

    The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.

  • CVE-1999-1433Jul 15, 1998
    risk 0.03cvss epss 0.01

    HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.

  • CVE-2012-2011Jun 13, 2012
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin 8.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2011-0278Mar 1, 2011
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 allows local users to bypass intended access restrictions via unknown vectors.

  • CVE-2009-4182Jan 14, 2010
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server.

  • CVE-2004-1858Dec 31, 2004
    risk 0.00cvss epss 0.01

    HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service (crash) via a malformed request, possibly due to a stricmp() error from an invalid use of the "$" character.

  • CVE-2001-1039Aug 31, 2001
    risk 0.00cvss epss 0.02

    The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.

  • CVE-2001-1040Aug 31, 2001
    risk 0.00cvss epss 0.02

    HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.