| VID |
23161 |
| Severity |
30 |
| Port |
2301,2381 |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The HP SMH service is vulnerable to a directory traversal vulnerability in the 'namazu.cgi' script. Hewlett-Packard System Management Homepage (SMH) is a web-based management interface for ProLiant and Integrity servers. HP SIM versions 2.0.0 through 2.1.4 running on Microsoft Windows platforms are vulnerable to a directory traversal vulnerability, caused by improper validation of user-supplied input passed to the 'lang' parameter of the 'namazu.cgi' script. By sending a specially-crafted URL to the 'namazu.cgi' script containing "dot dot" sequences (/../) in the 'lang' parameter, a remote attacker could traverse directories on the Web server to read arbitrary files on the affected host subject to the permissions of the web server user id.
* References:
http://www.securityfocus.com/archive/1/426345/30/0/threaded
http://secunia.com/advisories/19059/
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00601530
* Platforms Affected:
HP System Management Homepage 2.0.0 through 2.1.4
Microsoft Windows Any version |
| Recommendation |
This vulnerability can be addressed by manually editing configuration files in the HP SMH installation, as listed in the Hewlett-Packard Company Security Bulletin HPSBMA02099 SSRT061118 rev.1 at http://www.securityfocus.com/advisories/10104 |
| Related URL |
CVE-2006-1023 (CVE) |
| Related URL |
16876 (SecurityFocus) |
| Related URL |
24996 (ISS) |
|
