HP System Management Homepage < 7.5.4.3 AddCertsToTrustCfgList DoS

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

An application running on the remote web server is affected by a
denial of service vulnerability.

Description :

The version of HP System Management Homepage (SMH) hosted on the
remote web server is prior to 7.5.4.3. It is, therefore, affected by a
flaw in the AddCertsToTrustCfgList() function within the
mod_smh_config.so file, which improperly extracts the common name
from the subject when processing X.509 certificates. An unauthenticated,
remote attacker can exploit this issue, via a crafted certificate, to
cause a denial of service condition. Note that to exploit this
vulnerability, the 'Trust Mode' setting must be set to 'Trust All',
the 'IP Restricted login' setting must allow the attacker to access
SMH, and the 'Kerberos Authorization' (Windows only) setting must be
disabled.

See also :

http://www.tenable.com/security/research/tra-2016-14

Solution :

Upgrade to HP System Management Homepage (SMH) version 7.5.4.3 or
later.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 2.1
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 91260

Bugtraq ID:

CVE ID:
