Summary
This host is running HP System Management Homepage (SMH) and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to obtain sensitive information or to redirect users to arbitrary web sites and conduct phishing attacks.
Solution
Upgrade to HP System Management Homepage 6.2 or later, http://h18000.www1.hp.com/products/servers/management/agents/index.html
Insight
The flaws are due to:
- An unspecified error in the application, allows remote attackers to obtain sensitive information via unknown vectors.
- An open redirect vulnerability in the application, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Affected
HP System Management Homepage versions prior to 6.2 on all platforms.
References
Severity
Classification
-
CVE CVE-2010-3283, CVE-2010-3284 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat TroubleShooter Servlet Installed
- Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
- 12Planet Chat Server one2planet.infolet.InfoServlet XSS
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability