Информационная безопасность
[RU] switch to English

Дополнительная информация

  Межсайтовый скриптинг в коммутаторах Hewlett-Packard Procurve

From:Bugs NotHugs <bugsnothugs_(at)_gmail.com>
Date:12 ноября 2009 г.
Subject:HP curiosity and vulnerability

Before the vulnerability..

HP buys 3Com in mega $2.7 billion deal

HP plans to buy 3Com ($2.7b), which owns TippingPoint, which runs ZDI,
which has a 1128-day vuln in HP products: http://bit.ly/2HEonE

ZDI-CAN-582      Hewlett-Packard        Low     2009-10-21, 21 days ago
ZDI-CAN-581      Hewlett-Packard        High    2009-10-21, 21 days ago
ZDI-CAN-575      Hewlett-Packard        High    2009-10-21, 21 days ago
ZDI-CAN-574      Hewlett-Packard        High    2009-10-21, 21 days ago
ZDI-CAN-573      Hewlett-Packard        High    2009-10-21, 21 days ago
ZDI-CAN-566      Hewlett-Packard        High    2009-10-21, 21 days ago
ZDI-CAN-564      Hewlett-Packard        High    2009-10-21, 21 days ago
ZDI-CAN-563      Hewlett-Packard        High    2009-10-21, 21 days ago
ZDI-CAN-518      Hewlett-Packard        High    2009-07-16, 118 days ago
ZDI-CAN-523      Hewlett-Packard        High    2009-07-14, 120 days ago
ZDI-CAN-522      Hewlett-Packard        High    2009-07-14, 120 days ago
ZDI-CAN-503      Hewlett-Packard        High    2009-06-25, 139 days ago
ZDI-CAN-474      Hewlett-Packard        High    2009-04-15, 210 days ago
ZDI-CAN-453      Hewlett-Packard        Medium          2009-03-13, 243 days ago
ZDI-CAN-420      Hewlett-Packard        High    2009-01-26, 289 days ago
ZDI-CAN-419      Hewlett-Packard        High    2009-01-26, 289 days ago
ZDI-CAN-418      Hewlett-Packard        High    2009-01-26, 289 days ago
ZDI-CAN-417      Hewlett-Packard        High    2009-01-26, 289 days ago
ZDI-CAN-206      Hewlett-Packard        High    2007-07-17, 848 days ago
ZDI-CAN-177      Hewlett-Packard        High    2007-03-19, 968 days ago
ZDI-CAN-105      Hewlett-Packard        High    2006-10-10, 1128 days ago

Any bets on whether these vulnerabilities see the light of day?


      Title:  HP ProCurve Web Management Interface Multiple XSS
Release Date:  2009-11-11
Application:  HP ProCurve Switch Management Interface


HP ProCurve Networking Switches use a web based Management Interface to
control and configure the devices. Under the 'Security' -> 'SSL' portion
of the application, an attacker can inject HTML or JavaScript into the
'Organization Name' and 'Organization Unit' fields. The information supplied
by the attacker is stored by the switch and rendered in the browser of
subsequent visitors. Additionally, an attacker can inject script into
various fields related to the SSL certificate. Not only does this create
a cross-site scripting scenario, an administrator cannot change the
fields back using the 'Use Installed Cert' interface, rather she must
create a new certificate to remove the old entry.

Product Details:

Vendor:  Hewlett-Packard Development Company, L.P.
Product:  ProCurve Networking Switches
Version:  5308xl ver E.08.42, ROM E.05.04
             2524 ver F.05.50, ROM F.02.01
             2824 ver I.07.31, ROM I.07.01


Don't use HP products.

Disclosure Timeline:

2006-11-10: Vulnerability Discovered
2006-11-29: Disclosed to Vendor via e-mail to [email protected]
                 HP SSRT replied, SSRT061284 assigned to this issue
2006-11-30: M.M. validated issue
2007-03-28: Mail sent to M.M. and [email protected] asking for status
2008-02-15: Mail sent to M.M. asking for status
2008-02-15: M.M. replies, will confirm and reply following week
2009-11-11: No replies, no indication this is important. (1096 days)


Vendor: http://www.procurve.com/
XSS Information: http://en.wikipedia.org/wiki/Cross_site_scripting


Shared Vulnerability Disclosure Account

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород