Search...

HP System Management Homepage security vulnerabilities

2014-03-27T00:00:00

ID SECURITYVULNS:VULN:13640
Type securityvulns
Reporter BUGTRAQ
Modified 2014-03-27T00:00:00

Description

Crossite scripting, information leakage.

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:VULN:13640", "bulletinFamily": "software", "title": "HP System Management Homepage security vulnerabilities", "description": "Crossite scripting, information leakage.", "published": "2014-03-27T00:00:00", "modified": "2014-03-27T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13640", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:30402"], "cvelist": ["CVE-2013-6188", "CVE-2013-4846"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:54", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "62c33707925931ade5d7cc799ac67922"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "3d1b822e5619bd045230244f126eae45"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "b58075abc13d8f26a232675bddfc52b3"}, {"key": "href", "hash": "59418f3975614971959a743af91610a8"}, {"key": "modified", "hash": "0b252ad13301542a468f5f587d18be33"}, {"key": "published", "hash": "0b252ad13301542a468f5f587d18be33"}, {"key": "references", "hash": "fbdd17ad95f43afc7bdbb3bb50f3a1a8"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "11a6aa24cbb86d9da37e3c031c7c4c6c"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "c73c8f11de0ab33e316012dadb3aee9634618214095955c66084f38c25521ddc", "viewCount": 5, "enchantments": {"score": {"value": 4.3, "vector": "NONE", "modified": "2018-08-31T11:09:54"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-6188", "CVE-2013-4846"]}, {"type": "nessus", "idList": ["HPSMH_7_3.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30402"]}, {"type": "kaspersky", "idList": ["KLA10193", "KLA10194"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310804416", "OPENVAS:1361412562310804415"]}], "modified": "2018-08-31T11:09:54"}, "vulnersScore": 4.3}, "objectVersion": "1.3", "affectedSoftware": [{"name": "System Management Homepage", "operator": "eq", "version": "7.2"}]}

{"cve": [{"lastseen": "2016-09-03T19:08:16", "bulletinFamily": "NVD", "description": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.", "modified": "2014-03-14T12:34:40", "published": "2014-03-14T06:55:05", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6188", "id": "CVE-2013-6188", "title": "CVE-2013-6188", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-03T18:52:46", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors.", "modified": "2014-03-14T12:42:50", "published": "2014-03-14T06:55:05", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4846", "id": "CVE-2013-4846", "type": "cve", "title": "CVE-2013-4846", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2019-01-16T20:18:06", "bulletinFamily": "scanner", "description": "According to the web server's banner, the version of HP System\nManagement Homepage (SMH) hosted on the remote web server may be\naffected by the following vulnerabilities :\n\n - Versions prior to 7.3 are affected by an unspecified\n information disclosure vulnerability. (CVE-2013-4846)\n\n - Versions 7.1 through 7.2.2 are affected by an\n unspecified cross-site request forgery vulnerability.\n (CVE-2013-6188)", "modified": "2018-11-15T00:00:00", "published": "2014-03-12T00:00:00", "id": "HPSMH_7_3.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72959", "title": "HP System Management Homepage < 7.3 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(72959);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\"CVE-2013-4846\", \"CVE-2013-6188\");\n script_bugtraq_id(66128, 66129);\n\n script_name(english:\"HP System Management Homepage < 7.3 Multiple Vulnerabilities\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to the web server's banner, the version of HP System\nManagement Homepage (SMH) hosted on the remote web server may be\naffected by the following vulnerabilities :\n\n - Versions prior to 7.3 are affected by an unspecified\n information disclosure vulnerability. (CVE-2013-4846)\n\n - Versions 7.1 through 7.2.2 are affected by an\n unspecified cross-site request forgery vulnerability.\n (CVE-2013-6188)\"\n );\n # https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c04039138\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2d45fc52\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/531406/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to HP System Management Homepage 7.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/12\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:system_management_homepage\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"compaq_wbem_detect.nasl\", \"os_fingerprint.nasl\");\n script_require_keys(\"www/hp_smh\");\n script_require_ports(\"Services/www\", 2301, 2381);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\n# Only Linux and Windows are affected -- HP-UX is not mentioned\nif (report_paranoia < 2)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Windows\" >!< os && \"Linux\" >!< os) audit(AUDIT_OS_NOT, \"Windows or Linux\", os);\n}\n\nport = get_http_port(default:2381, embedded:TRUE);\n\ninstall = get_install_from_kb(appname:'hp_smh', port:port, exit_on_fail:TRUE);\ndir = install['dir'];\nversion = install['ver'];\nprod = get_kb_item_or_exit(\"www/\"+port+\"/hp_smh/variant\");\n\nif (version == UNKNOWN_VER) exit(1, 'The version of '+prod+' installed at '+build_url(port:port, qs:dir+\"/\")+' is unknown.');\n\n# nb: 'version' can have non-numeric characters in it so we'll create\n# an alternate form and make sure that's safe for use in 'ver_compare()'.\nversion_alt = ereg_replace(pattern:\"[_-]\", replace:\".\", string:version);\nif (!ereg(pattern:\"^[0-9][0-9.]+$\", string:version_alt)) exit(1, 'The version of '+prod+' installed at '+build_url(port:port, qs:dir+\"/\")+' does not look valid ('+version+').');\n\nfixed_version = '7.3';\nif (ver_compare(ver:version_alt, fix:fixed_version, strict:FALSE) == -1)\n{\n # Versions 7.1 to 7.2.2\n if (\n version_alt =~ \"^7\\.1([^0-9]|$)\" || \n version_alt =~ \"^7\\.2\\.[0-2]([^0-9]|$)\"\n ) set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);\n\n if (report_verbosity > 0)\n {\n source_line = get_kb_item(\"www/\"+port+\"/hp_smh/source\");\n\n report = '\\n Product : ' + prod;\n if (!isnull(source_line))\n report += '\\n Version source : ' + source_line;\n report +=\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, prod, port, version);\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04039138\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04039138\r\nVersion: 1\r\n\r\nHPSBMU02947 rev.1 - HP System Management Homepage (SMH) Running on Linux and\r\nWindows, Remote Disclosure of Information and Cross-Site Request Forgery\r\n(CSRF)\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-03-10\r\nLast Updated: 2014-03-10\r\n\r\nPotential Security Impact: Remote disclosure of information, cross-site\r\nrequest forgery (CSRF)\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with HP System\r\nManagement Homepage (SMH) running on Linux and Windows. The vulnerabilities\r\ncould be exploited remotely resulting in disclosure of information or\r\ncross-site request forgery (CSRF).\r\n\r\nReferences:\r\n\r\nCVE-2013-4846 (SSRT101285, Remote Disclosure of Information)\r\nCVE-2013-6188 (SSRT101149, Cross-Site Request Forgery (CSRF))\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\n\r\nHP System Management Homepage (SMH) prior to v7.3 for Linux and Windows\r\n(CVE-2013-4846)\r\nHP System Management Homepage (SMH) v7.1 through v7.2.2 for Linux and Windows\r\n(CVE-2013-6188)\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2013-4846 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\r\nCVE-2013-6188 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made System Management Homepage (SMH) v7.3 available for Linux and\r\nWindows to resolve the vulnerabilities.\r\n\r\nInformation and downloads for HP SMH can be found at the following location:\r\n\r\nhttp://h18013.www1.hp.com/products/servers/management/agents/index.html\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 10 March 2013 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlMeGkkACgkQ4B86/C0qfVn98ACg1azXrPJtuMh2AOQY2Y/xPseg\r\nJZ4AoMbEKn2s55I1Xf97zPi29V9rgc/O\r\n=iwnX\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2014-03-27T00:00:00", "published": "2014-03-27T00:00:00", "id": "SECURITYVULNS:DOC:30402", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30402", "title": "[security bulletin] HPSBMU02947 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Disclosure of Information and Cross-Site Request Forgery (CSRF)", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2019-02-15T12:34:51", "bulletinFamily": "info", "description": "### *Detect date*:\n03/14/2014\n\n### *Severity*:\nCritical\n\n### *Description*:\nAn unspecified vulnerability was found in HP SMH. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely by unknown vectors.\n\n### *Affected products*:\nHP Software Management Homepage versions 7.2.9 and earlier\n\n### *Solution*:\nUpdate to latest version\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[HP System Management Homepage](<https://threats.kaspersky.com/en/product/HP-System-Management-Homepage/>)\n\n### *CVE-IDS*:\n[CVE-2013-4846](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4846>)", "modified": "2019-02-13T00:00:00", "published": "2014-03-14T00:00:00", "id": "KLA10193", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10193", "title": "\r KLA10193OSI vulnerability in HP SMH ", "type": "kaspersky", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-02-15T12:34:11", "bulletinFamily": "info", "description": "### *Detect date*:\n03/14/2014\n\n### *Severity*:\nHigh\n\n### *Description*:\nCSRF vulnerability was found in the HP SMH. By exploiting this vulnerability malicious users can hijack auth. This vulnerability can be exploited from remote by unknown vectors.\n\n### *Affected products*:\nHP System Management Homepage versions from 7.1 to 7.2.2\n\n### *Solution*:\nUpdate to latest version\n\n### *Impacts*:\nSB \n\n### *Related products*:\n[HP System Management Homepage](<https://threats.kaspersky.com/en/product/HP-System-Management-Homepage/>)\n\n### *CVE-IDS*:\n[CVE-2013-6188](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6188>)", "modified": "2019-02-13T00:00:00", "published": "2014-03-14T00:00:00", "id": "KLA10194", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10194", "title": "\r KLA10194SB vulnerability in HP SMH ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-10-22T16:40:35", "bulletinFamily": "scanner", "description": "This host is running HP System Management Homepage (SMH) and is prone to\ncross-site request forgery vulnerability.", "modified": "2018-10-12T00:00:00", "published": "2014-03-19T00:00:00", "id": "OPENVAS:1361412562310804416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804416", "title": "HP System Management Homepage Cross-Site Request Forgery Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_smh_csrf_vuln.nasl 11867 2018-10-12 10:48:11Z cfischer $\n#\n# HP System Management Homepage Cross-Site Request Forgery Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:hp:system_management_homepage\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804416\");\n script_version(\"$Revision: 11867 $\");\n script_cve_id(\"CVE-2013-6188\");\n script_bugtraq_id(66128);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:48:11 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-03-19 13:49:55 +0530 (Wed, 19 Mar 2014)\");\n script_name(\"HP System Management Homepage Cross-Site Request Forgery Vulnerability\");\n\n\n script_tag(name:\"summary\", value:\"This host is running HP System Management Homepage (SMH) and is prone to\ncross-site request forgery vulnerability.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The application allows users to perform certain actions via HTTP requests\nwithout performing proper validity checks to verify the requests.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to perform certain unspecified\nactions when a logged-in user visits a specially crafted web page.\");\n script_tag(name:\"affected\", value:\"HP System Management Homepage (SMH) version 7.1 through 7.2.2\");\n script_tag(name:\"solution\", value:\"Upgrade to HP System Management Homepage (SMH) 7.3 or later,\nhttp://h18013.www1.hp.com/products/servers/management/agents/index.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/57365\");\n script_xref(name:\"URL\", value:\"http://seclists.org/bugtraq/2014/Mar/61\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_hp_smh_detect.nasl\");\n script_mandatory_keys(\"HP/SMH/installed\");\n script_require_ports(\"Services/www\", 2381);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!smhPort = get_app_port(cpe:CPE)) exit(0);\n\nif(!smhVer = get_app_version(cpe:CPE, port:smhPort)) exit(0);\n\nif(version_in_range(version:smhVer, test_version:\"7.1\", test_version2:\"7.2.2\"))\n{\n security_message(smhPort);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:41:20", "bulletinFamily": "scanner", "description": "This host is running HP System Management Homepage (SMH) and is prone to\ninformation disclosure vulnerability.", "modified": "2018-10-12T00:00:00", "published": "2014-03-19T00:00:00", "id": "OPENVAS:1361412562310804415", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804415", "title": "HP System Management Homepage Information Disclosure Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_smh_information_disclosure_vuln.nasl 11867 2018-10-12 10:48:11Z cfischer $\n#\n# HP System Management Homepage Information Disclosure Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:hp:system_management_homepage\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804415\");\n script_version(\"$Revision: 11867 $\");\n script_cve_id(\"CVE-2013-4846\");\n script_bugtraq_id(66129);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:48:11 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-03-19 13:14:25 +0530 (Wed, 19 Mar 2014)\");\n script_name(\"HP System Management Homepage Information Disclosure Vulnerability\");\n\n\n script_tag(name:\"summary\", value:\"This host is running HP System Management Homepage (SMH) and is prone to\ninformation disclosure vulnerability.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"An unspecified error can be exploited to disclose certain information. No further\ninformation is currently available.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to disclose certain information.\");\n script_tag(name:\"affected\", value:\"HP System Management Homepage (SMH) version before 7.3\");\n script_tag(name:\"solution\", value:\"Upgrade to HP System Management Homepage (SMH) 7.3 or later,\nhttp://h18013.www1.hp.com/products/servers/management/agents/index.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/57365\");\n script_xref(name:\"URL\", value:\"http://seclists.org/bugtraq/2014/Mar/61\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_hp_smh_detect.nasl\");\n script_mandatory_keys(\"HP/SMH/installed\");\n script_require_ports(\"Services/www\", 2381);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!smhPort = get_app_port(cpe:CPE)) exit(0);\n\nif(!smhVer = get_app_version(cpe:CPE, port:smhPort)) exit(0);\n\nif(version_is_less(version:smhVer, test_version:\"7.3\"))\n{\n security_message(smhPort);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}