This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The remote web server is affected by a remote code execution
The HP System Management Homepage (SMH) application running on the
remote web server potentially contains an overflow condition in the
Single Sign On (SSO) functionality due to improper validation of
user-supplied input when handling overly long parameters. A remote
attacker could exploit this to cause a stack-based buffer overflow,
resulting in a denial of service or the execution of arbitrary code.
Note that this plugin attempts to crash the HPSMHD process, but the
process can be restarted by a parent process.
See also :
Upgrade to HP System Management Homepage (SMH) 7.4.1 or later.
Risk factor :
Critical / CVSS Base Score : 10.0