This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote web server is affected by a command injection vulnerability.
According to the web server's banner, the version of HP System
Management Homepage (SMH) hosted on the remote web server is earlier
than 7.2.2 and is, therefore, reportedly affected by a command
An input validation error exists in the file 'ginkgosnmp.inc' related to
the last segment in a requested URL path. This input is later used in
an 'exec' call and could allow an authenticated attacker to execute
See also :
Upgrade to HP System Management Homepage 7.2.2 or later.
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.4
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 70118 ()
Bugtraq ID: 60471
CVE ID: CVE-2013-3576
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.