HP-UX PHSS_36870 : HP System Management Homepage (SMH) for HP-UX, XSS (HPSBMA02274 SSRT071445 rev.3)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.23 HP System Management Homepage A.2.2.6.2 :

Potential security vulnerabilities have been identified with HP System
Management Homepage (SMH) for HP-UX. These vulnerabilities could by
exploited remotely to allow cross site scripting (XSS).

See also :

http://www.nessus.org/u?0a1bd9b5

Solution :

Install patch PHSS_36870 or subsequent.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: HP-UX Local Security Checks

Nessus Plugin ID: 27064 (hpux_PHSS_36870.nasl)

Bugtraq ID:

CVE ID: CVE-2007-5302