nessus | This script is Copyright (C) 2014-2022 Tenable Network Security, Inc. | HPSMH_7_3.NASL
History: Mar 12, 2014 - 12:00 a.m.

HP System Management Homepage < 7.3 Multiple Vulnerabilities

2014-03-12 00:00:00
This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.
www.tenable.com
21

According to the web server’s banner, the version of HP System Management Homepage (SMH) hosted on the remote web server may be affected by the following vulnerabilities :

  • Versions prior to 7.3 are affected by an unspecified information disclosure vulnerability. (CVE-2013-4846)

  • Versions 7.1 through 7.2.2 are affected by an unspecified cross-site request forgery vulnerability.
    (CVE-2013-6188)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

# Plugin registration block. When the engine runs the script with
# 'description' set, only this metadata is recorded and the script leaves
# through the exit(0) at the end of the block, so none of the detection
# logic further down is executed in that mode.
if (description)
{
  script_id(72959);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  # Both CVEs are reported by this one plugin, although the description text
  # gives them different affected ranges (< 7.3 versus 7.1 through 7.2.2).
  script_cve_id("CVE-2013-4846", "CVE-2013-6188");
  script_bugtraq_id(66128, 66129);

  script_name(english:"HP System Management Homepage < 7.3 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"The remote web server is affected by multiple vulnerabilities.");
  # The description states that the finding rests on the web server's banner,
  # i.e. on a reported version string rather than on an observed flaw.
  script_set_attribute(attribute:"description", value:
"According to the web server's banner, the version of HP System
Management Homepage (SMH) hosted on the remote web server may be
affected by the following vulnerabilities :

  - Versions prior to 7.3 are affected by an unspecified
    information disclosure vulnerability. (CVE-2013-4846)

  - Versions 7.1 through 7.2.2 are affected by an
    unspecified cross-site request forgery vulnerability.
    (CVE-2013-6188)");
  # https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c04039138
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2d45fc52");
  script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/531406/30/0/threaded");
  script_set_attribute(attribute:"solution", value:
"Upgrade to HP System Management Homepage 7.3 or later.");
  # CVSS v2 base vector: network reachable, medium access complexity, no
  # authentication, partial impact on confidentiality, integrity and
  # availability.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  # CVSS v2 temporal vector: exploitability unproven, official fix available,
  # report confidence confirmed.
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  # Note that the recorded patch date (2013/11/27) is earlier than the
  # recorded vulnerability publication date (2014/03/10).
  script_set_attribute(attribute:"vuln_publication_date", value:"2014/03/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/12");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:hp:system_management_homepage");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  # Registered in the information-gathering category.
  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.");

  # The check depends on the SMH detection plugin and on OS fingerprinting,
  # and requires the "www/hp_smh" KB key; 2301 and 2381 are listed alongside
  # any port already identified as a web service.
  script_dependencies("compaq_wbem_detect.nasl", "os_fingerprint.nasl");
  script_require_keys("www/hp_smh");
  script_require_ports("Services/www", 2301, 2381);

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("webapp_func.inc");

# Only Linux and Windows are affected -- HP-UX is not mentioned.
# The OS gate applies only below paranoia level 2; at level 2 and above the
# check is skipped and the version test runs whatever the fingerprinted OS is.
if (report_paranoia < 2)
{
  os = get_kb_item_or_exit("Host/OS");

  # Stop with an "OS not ..." audit unless the fingerprint names one of the
  # two affected platforms.
  if (!("Windows" >< os || "Linux" >< os))
  {
    audit(AUDIT_OS_NOT, "Windows or Linux", os);
  }
}

# Select the HTTP port to test; 2381 is passed as the default.
port = get_http_port(default:2381, embedded:TRUE);

# Read the SMH install record from the KB (presumably stored by the detection
# plugin listed in script_dependencies -- confirm against that plugin).
# exit_on_fail:TRUE ends the script here when no record exists for this port.
install = get_install_from_kb(appname:'hp_smh', port:port, exit_on_fail:TRUE);
version = install['ver'];
dir     = install['dir'];

# Product variant string used in every message below; the script exits if the
# KB item is missing.
prod = get_kb_item_or_exit("www/"+port+"/hp_smh/variant");

# Without a version string no comparison is possible, so stop with an error
# status rather than guess.
if (version == UNKNOWN_VER)
{
  install_url = build_url(port:port, qs:dir+"/");
  exit(1, 'The version of '+prod+' installed at '+install_url+' is unknown.');
}

# nb: 'version' can contain non-numeric characters, so build an alternate
#     form with '_' and '-' turned into '.' and use that for 'ver_compare()'.
version_alt = ereg_replace(string:version, pattern:"[_-]", replace:".");

# The version string originates from the remote server's banner. Anything
# that is not a digit followed by digits and dots is rejected here, before it
# reaches the comparison and the regex tests further down.
if (!ereg(string:version_alt, pattern:"^[0-9][0-9.]+$"))
{
  install_url = build_url(port:port, qs:dir+"/");
  exit(1, 'The version of '+prod+' installed at '+install_url+' does not look valid ('+version+').');
}

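# First release that the plugin treats as fixed for both CVEs.
fixed_version = '7.3';

# A result of -1 is taken to mean that the normalised version sorts below the
# fixed release. The input is the banner-derived version string, so the result
# is only as trustworthy as that banner; the plugin description says "may be
# affected" for the same reason.
if (ver_compare(ver:version_alt, fix:fixed_version, strict:FALSE) == -1)
{
  # CVE-2013-6188 (cross-site request forgery) is limited to 7.1 through
  # 7.2.2. The second pattern also accepts a bare "7.2", which lies inside
  # that range but carries no third component; 7.2.3 and later, and 7.2.10
  # and later, still do not match. The KB flag is presumably read by other
  # plugins that summarise CSRF findings -- confirm against its consumers.
  if (
    version_alt =~ "^7\.1([^0-9]|$)" ||
    version_alt =~ "^7\.2($|\.[0-2]([^0-9]|$))"
  ) set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);

  if (report_verbosity > 0)
  {
    # Where the detection step recorded the line the version was taken from,
    # include it so an analyst can verify the finding against the host.
    source_line = get_kb_item("www/"+port+"/hp_smh/source");

    report = '\n  Product           : ' + prod;
    if (!isnull(source_line))
      report += '\n  Version source    : ' + source_line;
    # The report shows the version as found, not the normalised form.
    report +=
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fixed_version + '\n';
    security_warning(port:port, extra:report);
  }
  else security_warning(port);

  exit(0);
}
# At or above the fixed release: record a "not vulnerable" audit result.
else audit(AUDIT_LISTEN_NOT_VULN, prod, port, version);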
Vendor | Product | Version | CPE
hp | system_management_homepage | | cpe:/a:hp:system_management_homepage