COMMAND
JetAdmin
SYSTEMS AFFECTED
HP Web JetAdmin Version 5.6 Web interface
PROBLEM
UssrLabs found a directory traversal vulnerability in the HP Web
JetAdmin Version 5.6 web interface server (default port 8000).
Using the string '../' in a URL, an attacker can gain read access
to any file outside of the intended web-published filesystem
directory. Affected software versions:
HP Web JetAdmin Version 5.6 (Microsoft Windows 2000)
HP Web JetAdmin Version 5.6 (Microsoft Windows NT 4.0)
HP Web JetAdmin Version 5.6 (HP-UX 10.20) (not tested)
HP Web JetAdmin Version 5.6 (HP-UX 11.x) (not tested)
HP Web JetAdmin Version 5.6 (Linux - SuSE) (not tested)
HP Web JetAdmin Version 5.6 (Novell NetWare) (not tested)
HP Web JetAdmin Version 5.6 (Red Hat Linux) (not tested)
HP Web JetAdmin Version 5.6 (Solaris) (not tested)
There is not much to expand on this one. Example:
http://ServerIP:8000/cgi/wja?page=/../../../WINNT/repair/sam._
to download the SAM file of an NT machine.
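As an added defender-side example (not part of the original advisory), the following Python scans constructed access-log lines for requests to the wja CGI whose page parameter, after URL decoding and path normalisation, climbs out of the published directory; the log line format and the exact /cgi/wja path handling are assumptions.

```python
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (common-log-format style, assumed);
# they are not taken from any real JetAdmin installation.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jan/2001:10:00:01] "GET /cgi/wja?page=status.html HTTP/1.0" 200 1200
10.0.0.7 - - [12/Jan/2001:10:00:09] "GET /cgi/wja?page=/../../../WINNT/repair/sam._ HTTP/1.0" 200 8192
10.0.0.7 - - [12/Jan/2001:10:00:12] "GET /cgi/wja?page=%2F..%2F..%2Fetc%2Fpasswd HTTP/1.0" 200 600
10.0.0.9 - - [12/Jan/2001:10:01:00] "GET /cgi/wja?page=printers/../index.html HTTP/1.0" 200 300
"""

REQ_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d+)'
)


def escapes_web_root(page_value):
    """True when the page parameter resolves above the published directory."""
    decoded = unquote(unquote(page_value))      # tolerate double percent-encoding
    decoded = decoded.replace("\\", "/")        # Windows hosts also accept backslashes
    # Anchor under a notional root so a leading '/' cannot hide the climb.
    norm = posixpath.normpath("/root/" + decoded.lstrip("/"))
    return not (norm == "/root" or norm.startswith("/root/"))


def find_traversal_attempts(log_text):
    """Return (client_ip, page_value) for wja requests whose page parameter escapes the web root."""
    hits = []
    for line in log_text.splitlines():
        m = REQ_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if parts.path != "/cgi/wja":            # assumed CGI path from the advisory URL
            continue
        # parse_qs decodes one layer of percent-encoding; escapes_web_root handles a second.
        for value in parse_qs(parts.query, keep_blank_values=True).get("page", []):
            if escapes_web_root(value):
                hits.append((m.group("ip"), value))
    return hits


if __name__ == "__main__":
    for ip, value in find_traversal_attempts(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: page={value!r}")
```

A request such as page=printers/../index.html is not reported because it stays inside the published directory; tighten the check to any '..' segment if the deployment never legitimately uses relative components.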
SOLUTION
Upgrade to Version 6.0 here:
http://www.hp.com/cposupport/swindexes/hpwebjetad1880_swen.html