HP Multiple Network Products Unspecified Information Disclosure and Remote Code Execution (HPSBHF02888)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a vendor-supplied software update.

Description :

The remote HP router or switch could be missing a vendor-supplied
update that corrects an issue that a malicious attacker could remotely
exploit in order to cause a disclosure of information or execution of
code.

See also :

http://www.nessus.org/u?a6205cdb

Solution :

Apply the vendor-specified update.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 70172 ()

Bugtraq ID: 60881
60882

CVE ID: CVE-2013-2340
CVE-2013-2341