Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в HP Network Node Manager i
дополнено с 21 ноября 2011 г.
Опубликовано:27 ноября 2011 г.
Источник:
SecurityVulns ID:12052
Тип:удаленная
Уровень опасности:
6/10
Описание:Межсайтовый скриптинг, несанкционированный доступ, утечка информации.
Затронутые продукты:HP : Network Node Manager i 9.0
 HP : Network Node Manager i 9.1
CVE:CVE-2011-4156 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4155.)
 CVE-2011-4155 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4156.)
 CVE-2011-1534 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users to obtain access to processes via unknown vectors.)
 CVE-2010-0738 (The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.)
Оригинальный текстdocument0a29 40, 0A29-11-1 : Cross-Site Scripting vulnerabilities in HP Network Node Manager i 9.10 (27.11.2011)
 documentHP, [security bulletin] HPSBMU02714 SSRT100244 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information (21.11.2011)
 documentHP, [security bulletin] HPSBMA02659 SSRT100440 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access (21.11.2011)
 documentHP, [security bulletin] HPSBMU02708 SSRT100633 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) (21.11.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород