HP System Management Homepage Grants Access to Remote Users
|
|
SecurityTracker Alert ID: 1018256 |
|
SecurityTracker URL: http://securitytracker.com/id/1018256
|
|
CVE Reference:
CVE-2007-3260
(Links to External Site)
|
Updated: May 11 2008
|
Original Entry Date: Jun 15 2007
|
Impact:
User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): prior to 2.1.9
|
Description:
A vulnerability was reported in HP System Management Homepage for Linux. A remote user can execute arbitrary code on the target system.
A remote user can exploit an unspecified flaw to gain 'privileged access' to the target application.
Systems that run Linux and belong to Novell's e-directory implementation of directory services are affected.
|
Impact:
A remote user can gain access to the target application.
|
Solution:
The vendor has issued a fixed version (2.1.9).
HP System Management Homepage for Linux (x86) v2.1.9-178 is available at:
http://h18023.www1.hp.com/support/files/server/us/download/27264.html
HP System Management Homepage for Linux (AMD64/EM64T) v2.1.9-178 is available at:
http://h18023.www1.hp.com/support/files/server/us/download/27263.html
The HP advisory is available at:
https://www1.itrc.hp.com/service/cki/docDisplay.do?admit=&docId=emr_na-c01072894-1
|
Vendor URL: www1.itrc.hp.com/service/cki/docDisplay.do?admit=&docId=emr_na-c01072894-1 (Links to External Site)
|
Cause:
Not specified
|
Underlying OS:
Linux (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 15 Jun 2007 01:11:41 -0400
Subject: HP System Management Homepage
|
https://www1.itrc.hp.com/service/cki/docDisplay.do?admit=&docId=emr_na-c01072894-1
|
|
