HP SNMP Agents Open Redirect And Cross-site Scripting Vulnerabilities (Linux) Network Vulnerability

Summary

The host is installed with HP SNMP Agents and is prone to open redirect and cross-site scripting vulnerabilities.

Impact

Successful exploitation could allow attackers to execute script code in a user's browser session in context of an affected site. Impact Level: System/Application

Solution

Upgrade to the HP SNMP Agents 9.0.0 or later, For updates refer to http://www.hp.com/

Insight

The flaws are due to input is not properly sanitised before being returned to the user and being used to redirect users.

Affected

HP SNMP Agents version prior to 9.0.0 on Linux

References

http://secunia.com/advisories/48978/
http://www.securelist.com/en/advisories/48978
http://www.securityfocus.com/archive/1/522546

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2001, CVE-2012-2002

CVSS	Base Score: 8.3 AV:N/AC:M/Au:N/C:C/I:P/A:P

Related Vulnerabilities

Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
Adobe Flash Media Server Multiple Remote Security Vulnerabilities
Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Windows)
Adobe Acrobat Unspecified vulnerability

HP SNMP Agents Open Redirect and Cross-site Scripting Vulnerabilities (Linux)

Take action and discover your vulnerabilities