PT-2006-2765 · Linux+3 · Linux+4

Publicado

2006-04-13

Atualizado

2018-10-18

CVE-2006-1774

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions HP System Management Homepage (SMH) version 2.1.3.132

Description The issue allows remote attackers to bypass authentication via a crafted URL when "Trust by Certificates" is not enabled. This occurs when HP System Management Homepage (SMH) is running on CompaqHTTPServer/9.9 on various operating systems, including Windows, Linux, or Tru64 UNIX.

Recommendations For HP System Management Homepage (SMH) version 2.1.3.132, enable "Trust by Certificates" to prevent authentication bypass.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-1774

Produtos afetados

Compaqhttpserver

Hp System Management Homepage

Linux

Tru64 Unix

Windows

PT-2006-2765 · Linux+3 · Linux+4

CVE-2006-1774

Identificadores relacionados

Produtos afetados

Referências · 6