HP System Management Homepage Multiple Vulnerabilities Network Vulnerability

Summary

HP System Management Homepage is prone to multiple Vulnerabilities. 1. An HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust. 2. An unspecified remote information-disclosure vulnerability. Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks. HP System Management Homepage versions prior to 6.2 are vulnerable.

Solution

Updates are available please see the references for more information.

References

http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995&admit=109447626+1284637282234+28353475
https://www.securityfocus.com/bid/43208
https://www.securityfocus.com/bid/43269

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-3009, CVE-2010-3011, CVE-2010-3012
CVSS Base Score: 9.0
AV:N/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Xerver HTTP Server Web Administration Denial of Service Vulnerability
CoreHTTP 'src/http.c ' Buffer Overflow Vulnerability
Apache Multiple Security Vulnerabilities
RDS / MDAC Vulnerability (msadcs.dll) located
Apache Open For Business Weak Password security check

Take action and discover your vulnerabilities