CVE-2009-3843

Related Files

Apache Tomcat Manager Code Execution

Posted Feb 1, 2014

Authored by rangercha | Site metasploit.com

This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets vary based on the selected target. For example, you must select the Windows target to use native Windows payloads.

tags | exploit

systems | windows

advisories | CVE-2009-3843, CVE-2009-4189, CVE-2009-4188, CVE-2010-0557, CVE-2010-4094, CVE-2009-3548, OSVDB-60317, OSVDB-60670, OSVDB-60176

SHA-256 | ad779a3b3a81ba663a7d78a49953b2c7b7c8a37a54e4a557a40f1c67b825aaf4

Download | Favorite | View

Apache Tomcat Manager Application Deployer Upload and Execute

Posted Feb 19, 2010

Authored by jduck | Site metasploit.com

This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/html/upload, but that method is not implemented in this module.

tags | exploit

advisories | CVE-2009-3843

SHA-256 | f58aeb9136f2b509f52c0f2b286955d484d6b332b4b2c0c9edf999ea5b57d73c

Download | Favorite | View

Zero Day Initiative Advisory 09-085

Posted Nov 20, 2009

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-085 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Operations Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists due to a hidden account present within the Tomcat users XML file. Using this account a malicious user can access the org.apache.catalina.manager.HTMLManagerServlet class. This is defined within the catalina-manager.jar file installed with the product. This servlet allows a remote user to upload a file via a POST request to /manager/html/upload. If an attacker uploads malicious content it can then be accessed and executed on the server which leads to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, code execution

advisories | CVE-2009-3843

SHA-256 | f75bee3a0ef69790466f2dcfe8532a1ba92d356f316bf6d636784b35d8a50973

Download | Favorite | View

HP Security Bulletin HPSBMA02478 SSRT090251

Posted Nov 20, 2009

Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Operations Manager for Windows. The vulnerability could be exploited remotely to gain unauthorized access.

tags | advisory

systems | windows

advisories | CVE-2009-3843

SHA-256 | e7ff7ea3b271887cdcbfd5b312dce78fc4d17ab51782377395d5bc855481bf72

Download | Favorite | View