Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1774

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1774
Last Modified 05 Sep 2008 05:02:48
Published 13 Apr 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1774

Summary

HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL.

Vulnerable Systems

Application

  • Hp Compaqhttpserver 9.9

  • Hp System Management Homepage 2.1.3.132


References

BUGTRAQ - 20060411 [SRC-Telindus advisory] - HP System Management Homepage Remote Unauthorized Access

MISC - http://src.telindus.com/articles/hpsm_vulnerability.html

SECTRACK - 1015901

XF - hp-smh-auth-bypass(25761)


Last Updated: 27 May 2016 10:42:10