Vulnerabilities > CVE-2009-1419 - Unspecified vulnerability in HP Discovery&Dependency Mapping Inventory
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.0.0 through 2.52, 7.50, and 7.51 on Windows allows remote attackers to access DDMI agents via unknown vectors.
|NASL family||CGI abuses|
|description||The remote host is running an HP Discovery & Dependency Mapping Inventory (DDMI) agent to facilitate communications between a central DDMI server and workstations that are part of the deployed inventory process. The version of the agent on the remote host fails to check for a valid SSL certificate from a known DDMI server before accepting requests and processing them. An unauthenticated, remote attacker can leverage this issue to disclose sensitive information about installed software, read the contents of arbitrary files, launch arbitrary processes with SYSTEM privileges, etc.|
|reporter||This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.|
|title||HP DDMI on Windows Unspecified Remote Agent Access|