Full title: HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload 
Category: remote exploits
Platform: windows
This Metasploit module exploits a path traversal flaw in the HP ProCurve Manager SNAC Server. The vulnerability in the UpdateCertificatesServlet allows an attacker to upload arbitrary files, just having into account binary writes aren't allowed. Additionally, authentication can be bypassed in order to upload the file. This Metasploit module has been tested successfully on the SNAC server installed with HP ProCurve Manager 4.0.

# 0day.today @ http://0day.today/