Διαφήμιση
σχετικά με: pml driver hpz12 vulnerability scanner softwareEliminate blind spots! Scan systems in local network, remote locations and closed network. Automatically detect vulnerabilities, misconfigurations, risky software, and open ports.
Αποτελέσματα Αναζήτησης
18 Νοε 2006 · Here is a way to fix this so you can manipulate the PML driver from Services without having to use the registry and boot the machine each time. I am on WinXP Pro SP2 and have full administrator privileges, this worked for me.
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.
8 Ιαν 2007 · An attacker can exploit this issue to gain SYSTEM-level privileges, completely compromising affected computers. This issue affects HP products that use the 'PML Driver HPZ12' driver. C:\sc config "pml driver hpz12" binpath= D:\attack\attack.exe C:\sc start "pml driver hpz12"
5 Οκτ 2013 · On my Windows 7 machine, I used to have an Officejet printer installed. After some frustration, I un-installed the printer and the associated software. I recently noticed that 2 HP services are being automatically run on the machine everytime it starts up. They are: Pml Driver HPZ12 and Net Driver HPZ12. Why? I am not using any HP printer anymore.
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.
Even though the PML Driver serivce is not started by default, the attacker can start and stop it by herself :) Exploting this vulnerability allows local non-privileged user to obtain SYSTEM privilege. Workaround: Use SC command to set a tight permissions for the "PML Driver HPZ12" service.
Vulnerability Details : CVE-2007-0161 The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006 ...
Διαφήμιση
σχετικά με: pml driver hpz12 vulnerability scanner softwareEliminate blind spots! Scan systems in local network, remote locations and closed network. Automatically detect vulnerabilities, misconfigurations, risky software, and open ports.
