HP SMH Unspecified Security Bypass Vulnerability Network Vulnerability

Summary

The host is running System Management Homepage and is prone to local security bypass vulnerability. The flaw is caused by an unspecified error, which can be exploited by local users to perform certain actions with escalated privileges.

Impact

Attackers can leverage this issue to gain local unauthorized access. Impact Level: Application

Solution

Update to HP SMH version 2.2.9.1 or subsequent http://software.hp.com ***** NOTE: Ignore this warning, if OS is other than HP-UX B.11.11 and B.11.23, HP-UX B.11.23 and B.11.31. *****

Affected

HP SMH version 2.2.6 and prior on HP-UX B.11.11 and B.11.23 HP SMH version 2.2.6 and 2.2.8 and prior on HP-UX B.11.23 and B.11.31

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01586921
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4413

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-4413

CVSS	Base Score: 6.2 AV:L/AC:L/Au:S/C:C/I:C/A:N

Related Vulnerabilities

Adobe Digital Edition Information Disclosure Vulnerability (Windows)
Apple QuickTime Multiple Arbitrary Code Execution Vulnerabilities (Win)
aMSN session hijack vulnerability (Windows)
Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Win)

Take action and discover your vulnerabilities