HP ProCurve Threat Management Services zl ST.1.0.090213 Module CRL Security Bypass Vulnerability

2014-07-01T00:00:00
ID SSV:86332
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/35659/info

HP ProCurve Threat Management Services zl Module is prone to a security-bypass vulnerability.

Successful exploits may allow attackers to bypass certain security restrictions, which may aid in launching further attacks.

ProCurve Threat Management Services zl Module J9155A running vST.1.0.090213 firmware or prior is vulnerable.

1. Go to VPN-->Certificates--> CRL page and load a CRL list.
2. Save the entire configuration.
3. Reboot the TMS zl Module.
4. Once the TMS zl Module is available, go to VPN--> Certificates--> CRL page and the CRL is no longer available.