HPSMH for HP-UX11.23 security flaw
Matthias Schündehütte
Message 1 of 2

Hi all,

I'm running "HP System Management Homepage" (HPSMH) on one of our Integrity Servers.
The SW is named "SysMgmtWeb  A.3.2.1" and the server is an 'rx1620' running HP-UX B.11.23.

Just this morning I got a security complaint from our corporate IT department (see below).
Does anyone have an idea how to fix that other than switching off the whole stuff?

 

 

***********************************************
Vulnerability Details

Date: Fri 2 Nov 2012 03:38:54 MET
Vuln#: 1CN10815
Vulnerability: Web Server Generic XSS
ToDo: Contact the vendor for a patch or upgrade.
CertRef:
Tool Reference:
http://www.nessus.org/plugins/index.php?view=single&id=10815
Comment:
Counted in:
Monitor:
NessusOutput: Port: 2301/tcp

The request string used to detect this flaw was :

/cgi-bin/?<script>cross_site_scripting.nasl</script>

The output was :

HTTP/1.1 200 OK
Date: Fri Nov  2 04:37:00 MET 2012
Server: HPSMH
Cache-Control: no-cache
Connection: close
Content-Type: text/html; charset=iso-8859-1

<META HTTP-EQUIV="Expires" CONTENT="0">
<title>System Management Homepage</TITLE>
<meta http-equiv="REFRESH" CONTENT="0;URL=https://blnn721x.ww004.xxxxxxx.net:2381/cgi-bin/?<script>cross_site_scripting.nasl</script>">
<style>
table.applicationMastheadSmall;table.applicationMastheadSmall td;t [...]

CVE: CVE-2002-1700, CVE-2003-1543, CVE-2005-2453, CVE-2006-1681

End of Vulnerability Details
***********************************************

 
 
With best regards
Matthias

P.S. This thread has been moved from Servers > Integrity Servers to HP-UX > security - HP Forums Moderator
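
As an added example (not part of the original posts, and not HP or Nessus code): a small triage script that parses a response like the one quoted in the scan output and reports whether the probe string is echoed byte-for-byte and which HTML context it ends up in. The sample response is constructed from the quoted output with a placeholder host name, and the third case goes beyond this thread to show a text-context echo for contrast.

```python
from html import escape
from html.parser import HTMLParser

# Probe string exactly as quoted in the Nessus output in the post above.
PROBE = "<script>cross_site_scripting.nasl</script>"
INNER = "cross_site_scripting.nasl"

class ReflectionFinder(HTMLParser):
    """Parse a response body and record each context the probe lands in."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.contexts = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        self._in_script = tag == "script"
        for name, value in attrs:
            if value and PROBE in value:
                # The markup stayed inside a quoted attribute value.
                self.contexts.append(f"attribute {tag}[{name}]")

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script and INNER in data:
            # The parser built a real <script> element from the echoed input.
            self.contexts.append("script element")
        elif PROBE in data:
            # Visible as text only, typically because it arrived entity-encoded.
            self.contexts.append("text")

def triage(body):
    """Return whether the probe is echoed byte-for-byte and where it parses to."""
    finder = ReflectionFinder()
    finder.feed(body)
    finder.close()
    return {"raw_reflection": PROBE in body, "contexts": finder.contexts}

def smh_redirect(reflected):
    # Constructed sample modelled on the quoted response; the host is a placeholder.
    return ('<META HTTP-EQUIV="Expires" CONTENT="0">\n'
            '<title>System Management Homepage</TITLE>\n'
            '<meta http-equiv="REFRESH" CONTENT="0;URL=https://smh.example.invalid'
            ':2381/cgi-bin/?' + reflected + '">\n')

if __name__ == "__main__":
    print(triage(smh_redirect(PROBE)))                      # as in the scan output
    print(triage(smh_redirect(escape(PROBE, quote=True))))  # with output encoding
    print(triage("<p>Not found: " + PROBE + "</p>"))        # text-context echo
```

A result with `raw_reflection` set to `True` is what the scanner keys on; the `contexts` list then tells you whether the echo sits in an attribute value, as in the quoted redirect, or was parsed into an element of its own.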
Ralf Seefeldt
Message 2 of 2

Re: HPSMH for HP-UX11.23 security flaw

Hi Matthias,

I would check the patch status of your server, especially the patch status of the web server(s) installed. HP comes with a webserver for the SMH. There may be other webservers, too.

Do you have password protection for your SMH? Is it accessible from a limited subnet only or from everywhere in your company or even from outside your company?
Considering this, the problem could be less acute. Talk with your IT department.
Do they want the problem to be solved immediately or are they only trying to raise awareness?

Bye
Ralf