HP System Management Homepage < / 6.0.0-95 Multiple Vulnerabilities

Critical Nessus Plugin ID 46015


The remote web server has multiple vulnerabilities.


According to its self-reported version number, the HP System Management Homepage install on the remote host is earlier than / 6.0.0-95. Such versions are potentially affected by the following vulnerabilities :

- A cross-site scripting (XSS) vulnerability due to a failure to sanitize UTF-7 encoded input. Browsers are only affected if encoding is set to auto-select.

- An integer overflow in the libxml2 library that can result in a heap overflow. (CVE-2008-4226)

- A buffer overflow in the PHP mbstring extension.

- An unspecified XSS in PHP when 'display_errors' is enabled. (CVE-2008-5814)

- Multiple denial of service vulnerabilities in OpenSSL DTLS. (CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387)

- A cross-site scripting vulnerability due to a failure to sanitize input to the 'servercert' parameter of '/proxy/smhu/getuiinfo'. (CVE-2009-4185)

- An unspecified vulnerability that could allow an attacker to access sensitive information, modify data, or cause a denial of service. (CVE-2010-1034)


Upgrade to HP System Management Homepage (Windows) / 6.0.0-95 (Linux) or later.

See Also






Plugin Details

Severity: Critical

ID: 46015

File Name: hpsmh_6_0_0_95.nasl

Version: 1.23

Type: remote

Family: Web Servers

Published: 2010/04/27

Updated: 2018/11/15

Dependencies: 10746

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:hp:system_management_homepage

Required KB Items: www/hp_smh

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/11/09

Vulnerability Publication Date: 2008/03/21

Exploitable With

Core Impact

Reference Information

CVE: CVE-2008-1468, CVE-2008-4226, CVE-2008-5557, CVE-2008-5814, CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, CVE-2010-1034, CVE-2009-4185

BID: 28380, 32326, 32948, 35001, 35138, 35174, 35417, 38081, 39632

Secunia: 38341

CWE: 79, 119, 399