HP System Management Homepage Multiple Security Vulnerabilities

HP System Management Homepage is prone to the following security vulnerabilities.

1. A Cross-site scripting Vulnerability
2. A Denial-of-service vulnerability
3. A buffer overflow vulnerability
4. A command injection vulnerability
5. An authentication bypass vulnerability
6 .A security-bypass vulnerability

Attackers can exploit these issues to steal cookie-based authentication credentials, to execute arbitrary scripts in the context of the web server process, or to execute arbitrary code in the context of the affected application and to bypass certain security restrictions and perform unauthorized actions. Failed attacks may cause a denial of service condition. This may aid in launching further attacks.

Versions prior to System Management Homepage Software 7.6.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus