HP System Management Homepage < 7.0 Multiple Vulnerabilities

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote web server is affected by multiple vulnerabilities.

Description :

According to the web server's banner, the version of HP System
Management Homepage (SMH) hosted on the remote host is earlier than
7.0. As such, it is reportedly affected by the following
vulnerabilities :

- An error exists in the 'generate-id' function in the
bundled libxslt library that can allow disclosure of
heap memory addresses. (CVE-2011-0195)

- An unspecified input validation error exists and can
allow cross-site request forgery attacks. (CVE-2011-3846)

- Unspecified errors can allow attackers to carry out
denial of service attacks via unspecified vectors.
(CVE-2012-0135, CVE-2012-1993)

- The bundled version of PHP contains multiple
vulnerabilities. (CVE-2010-3436, CVE-2010-4409,
CVE-2010-4645, CVE-2011-1148, CVE-2011-1153,
CVE-2011-1464, CVE-2011-1467, CVE-2011-1468,
CVE-2011-1470, CVE-2011-1471, CVE-2011-1938,
CVE-2011-2202, CVE-2011-2483, CVE-2011-3182,
CVE-2011-3189, CVE-2011-3267, CVE-2011-3268)

- The bundled version of Apache contains multiple
vulnerabilities. (CVE-2010-1452, CVE-2010-1623,
CVE-2010-2068, CVE-2010-2791, CVE-2011-0419,
CVE-2011-1928, CVE-2011-3192, CVE-2011-3348,
CVE-2011-3368, CVE-2011-3639)

- OpenSSL libraries are contained in several of the
bundled components and contain multiple vulnerabilities.
(CVE-2011-0014, CVE-2011-1468, CVE-2011-1945,
CVE-2011-3207,CVE-2011-3210)

- Curl libraries are contained in several of the bundled
components and contain multiple vulnerabilities.
(CVE-2009-0037, CVE-2010-0734, CVE-2011-2192)

See also :

http://www.nessus.org/u?a467ff94

Solution :

Upgrade to HP System Management Homepage 7.0 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true