HP System Management Homepage ginkgosnmp.inc Command Injection

high Nessus Plugin ID 70118

Synopsis

The remote web server is affected by a command injection vulnerability.

Description

According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote web server is earlier than 7.2.2 and is, therefore, reportedly affected by a command injection vulnerability.

An input validation error exists in the file 'ginkgosnmp.inc' related to the last segment in a requested URL path. This input is later used in an 'exec' call and could allow an authenticated attacker to execute arbitrary commands.

Solution

Upgrade to HP System Management Homepage 7.2.2 or later.

See Also

http://www.nessus.org/u?3dbce491

https://www.securityfocus.com/archive/1/528713/30/0/threaded

Plugin Details

Severity: High

ID: 70118

File Name: hpsmh_ginkgosnmp_cmd_injection.nasl

Version: 1.13

Type: remote

Family: Web Servers

Published: 9/25/2013

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:hp:system_management_homepage

Required KB Items: www/hp_smh

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/10/2013

Vulnerability Publication Date: 6/11/2013

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (HP System Management Homepage JustGetSNMPQueue Command Injection)

Elliot (HP System Management Homepage RCE)

Reference Information

CVE: CVE-2013-3576

BID: 60471

CERT: 735364