HP WBEM Discloses Diagnostic Data to Remote and Local Users
|
|
SecurityTracker Alert ID: 1026849 |
|
SecurityTracker URL: http://securitytracker.com/id/1026849
|
|
CVE Reference:
CVE-2012-0125, CVE-2012-0126
(Links to External Site)
|
Date: Mar 27 2012
|
Impact:
Disclosure of system information, Disclosure of user information
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
Two vulnerabilities were reported in HP WBEM. A remote or local user can gain access to diagnostic data.
A remote user can gain access to diagnostic data on HP-UX 11.11 and 11.23.
A local user can gain access to diagnostic data.
|
Impact:
A remote or local user can gain access to diagnostic data.
|
Solution:
The vendor has issued a fix.
The vendor's advisory is available at:
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03221589
|
Vendor URL: h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03221589 (Links to External Site)
|
Cause:
Not specified
|
Underlying OS:
UNIX (HP/UX)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 27 Mar 2012 17:34:46 +0000
Subject: HPSBUX02755 SSRT100667 rev.1 - HP-UX WBEM, Remote Unauthorized Access to Diagnostic Data
|
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03221589
CVE-2012-0125, CVE-2012-0126
|
|
