PT-2006-2765 · Linux+3 · Linux+4

Published

2006-04-13

Updated

2018-10-18

CVE-2006-1774

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions HP System Management Homepage (SMH) version 2.1.3.132

Description The issue allows remote attackers to bypass authentication via a crafted URL when "Trust by Certificates" is not enabled. This occurs when HP System Management Homepage (SMH) is running on CompaqHTTPServer/9.9 on various operating systems, including Windows, Linux, or Tru64 UNIX.

Recommendations For HP System Management Homepage (SMH) version 2.1.3.132, enable "Trust by Certificates" to prevent authentication bypass.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1774

Affected Products

Compaqhttpserver

Hp System Management Homepage

Linux

Tru64 Unix

Windows

PT-2006-2765 · Linux+3 · Linux+4

CVE-2006-1774

Related Identifiers

Affected Products

References · 6