Summary
The host is running System Management Homepage and is prone to local security bypass vulnerability.
The flaw is caused by an unspecified error, which can be exploited by local users to perform certain actions with escalated privileges.
Impact
Attackers can leverage this issue to gain local unauthorized access.
Impact Level: Application
Solution
Update to HP SMH version 2.2.9.1 or subsequent
http://software.hp.com
*****
NOTE: Ignore this warning, if OS is other than HP-UX B.11.11 and B.11.23, HP-UX B.11.23 and B.11.31.
*****
Affected
HP SMH version 2.2.6 and prior on HP-UX B.11.11 and B.11.23 HP SMH version 2.2.6 and 2.2.8 and prior on HP-UX B.11.23 and B.11.31
References
Severity
Classification
-
CVE CVE-2008-4413 -
CVSS Base Score: 6.2
AV:L/AC:L/Au:S/C:C/I:C/A:N
Related Vulnerabilities
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
- Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)
- Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Win)
- Apple Safari 'Webkit' Information Disclosure Vulnerability (Win)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)