Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в HP System Management Homepage
дополнено с 17 сентября 2010 г.
Опубликовано:27 сентября 2010 г.
Источник:
SecurityVulns ID:11152
Тип:удаленная
Уровень опасности:
5/10
Описание:Утечка информации, межсайтовый скриптинг.
Затронутые продукты:HP : HP System Management Homepage 6.0
 HP : HP System Management Homepage 6.1
CVE:CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors.)
 CVE-2010-3283 (Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.)
 CVE-2010-3009 (Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors.)
 CVE-2010-1586 (Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMA02583 SSRT100070 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection (27.09.2010)
 documentHP, [security bulletin] HPSBMA02578 SSRT100069 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Information Disclosure (27.09.2010)
 documentHP, [security bulletin] HPSBMA02584 SSRT100230 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection (27.09.2010)
 documentHP, [security bulletin] HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities (17.09.2010)
 documentHP, [security bulletin] HPSBMA02566 SSRT100045 rev.1 - HP System Management Homepage (SMH) for Linux, Remote Disclosure of Sensitive Information (17.09.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород