How to Buy
This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote web server is affected by multiple vulnerabilities.
According to the web server's banner, the version of HP System
Management Homepage (SMH) hosted on the remote web server is a version
prior to 220.127.116.11. It is, therefore, affected by the following
- An information disclosure vulnerability, known as BEAST,
exists in the SSL 3.0 and TLS 1.0 protocols due to a
flaw in the way the initialization vector (IV) is
selected when operating in cipher-block chaining (CBC)
modes. A man-in-the-middle attacker can exploit this
to obtain plaintext HTTP header data, by using a
blockwise chosen-boundary attack (BCBA) on an HTTPS
the HTML5 WebSocket API, the Java URLConnection API,
or the Silverlight WebClient API. (CVE-2011-3389)
- The utility 'apachectl' can receive a zero-length
directory name in the LD_LIBRARY_PATH via the 'envvars'
file. A local attacker with access to that utility
could exploit this to load a malicious Dynamic Shared
Object (DSO), leading to arbitrary code execution.
- Numerous, unspecified errors could allow remote denial
of service attacks. (CVE-2012-2110, CVE-2012-2329,
CVE-2012-2336, CVE-2013-2357, CVE-2013-2358,
- The fix for CVE-2012-1823 does not completely correct
the CGI query parameter vulnerability. Disclosure of
PHP source code and code execution are still possible.
Note that this vulnerability is exploitable only when
PHP is used in CGI-based configurations. Apache with
'mod_php' is not an exploitable configuration.
- Unspecified errors exist that could allow unauthorized
access. (CVE-2012-5217, CVE-2013-2355)
- Unspecified errors exist that could allow disclosure of
sensitive information. (CVE-2013-2356, CVE-2013-2363)
- An unspecified error exists that could allow cross-site
scripting attacks. (CVE-2013-2361)
- Unspecified errors exist that could allow a local
attacker to cause denial of service conditions.
- An as-yet unspecified vulnerability exists that could
cause a denial of service condition. (CVE-2013-4821)
See also :
Upgrade to HP System Management Homepage 18.104.22.168 or later.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.1
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 69020 ()
Bugtraq ID: 4977853046531585338853455613326133361335613366133761338613396134061341613426134362622
CVE ID: CVE-2011-3389CVE-2012-0883CVE-2012-2110CVE-2012-2311CVE-2012-2329CVE-2012-2335CVE-2012-2336CVE-2012-5217CVE-2013-2355CVE-2013-2356CVE-2013-2357CVE-2013-2358CVE-2013-2359CVE-2013-2360CVE-2013-2361CVE-2013-2362CVE-2013-2363CVE-2013-2364CVE-2013-4821
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.