https://community.hpe.com/t5/server-management-systems/system-management-homepage-vulnerability-question/m-p/6109577#M57023 <P>Sorry for my lack of knowledge on this forum - could you post or link to where this concern was answered?&nbsp;</P><P>&nbsp;</P><P>If I don't have a solution then I will have to remove this software from a number of servers for regulatory/security compliance.&nbsp; I assume that this was started in repose to CERT advisory 735364: <A target="_blank" href="http://www.kb.cert.org/vuls/id/735364">http://www.kb.cert.org/vuls/id/735364</A></P><P>&nbsp;</P><P>The latest version: 7.2.1.3 dated 2013-May-21 is still reported to have this vulnerability due to the php.exe file.</P><P>&nbsp;</P><P>Thanks in advance.</P><P>&nbsp;</P> Fri, 21 Jun 2013 22:46:27 GMT Anwaar Bhatti 2013-06-21T22:46:27Z https://community.hpe.com/t5/server-management-systems/system-management-homepage-vulnerability-question/m-p/6068523#M56795 <P>Greetings,&nbsp;</P> <P>&nbsp;</P> <P>I hope this is the correct location for this query.</P> <P>&nbsp;</P> <P>HP Support has failed to reply to this question (the Security Ops guys were more helpful, but unable (correctly) to answer the question).</P> <P>&nbsp;</P> <P>Perhaps someone here can clear this issue up.</P> <P>&nbsp;</P> <DIV> <P>Can you verify in which version - precisely - the following security vulnerability is corrected?</P> </DIV> <DIV> <P>&nbsp;</P> </DIV> <DIV> <P>[1]&nbsp;<A href="http://osvdb.org/show/osvdb/91812" target="_blank">http://osvdb.org/show/osvdb/91812</A>&nbsp;- "HP System Management Homepage (SMH) /proxy/DataValidation iprange Parameter Remote Code Execution"</P> </DIV> <DIV> <P>&nbsp;</P> </DIV> <DIV> <P>"HP System Management Homepage contains a flaw in its web interface. The issue is triggered by improper handling of the 'iprange' parameter in requests to /proxy/DataValidation. With a specially crafted request, a remote attacker can execute arbitrary code."</P> </DIV> <DIV> <P>&nbsp;</P> </DIV> <DIV> <P>[2]&nbsp;<A href="http://packetstormsecurity.com/files/121043/HP-System-Management-Anonymous-Access-Code-Execution.html" target="_blank">http://packetstormsecurity.com/files/121043/HP-System-Management-Anonymous-Access-Code-Execution.html</A></P> </DIV> <DIV> <P>&nbsp;</P> </DIV> <DIV> <P>There seems to be some confusion over when this issue was corrected - your assistance would be greatly appreciated.</P> <P>&nbsp;</P> <P>This needs to be CLEARLY answered by HP regardless of what the two outlets above say. The EXACT version(s) or patches which correct this issue need to be clearly posted somewhere.</P> <P>&nbsp;</P> <P>Thanks!</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>P.S. This thread has been moved&nbsp;from Systems Management (OpenView-OP Mgmt) Support and News Forum to ITRC HP Systems Insight Manager Forum - Hp Forum Moderator</P> </DIV> Mon, 20 May 2013 03:58:48 GMT https://community.hpe.com/t5/server-management-systems/system-management-homepage-vulnerability-question/m-p/6068523#M56795 DarrelJenkins 2013-05-20T03:58:48Z https://community.hpe.com/t5/server-management-systems/system-management-homepage-vulnerability-question/m-p/6069961#M56796 <P>:(</P><P>&nbsp;</P><P>A little disappointed here - not even a reply of 'wrong place, fella.'?</P><P>&nbsp;</P><P>Any ideas here, folks?</P> Thu, 16 May 2013 13:32:15 GMT https://community.hpe.com/t5/server-management-systems/system-management-homepage-vulnerability-question/m-p/6069961#M56796 DarrelJenkins 2013-05-16T13:32:15Z https://community.hpe.com/t5/server-management-systems/system-management-homepage-vulnerability-question/m-p/6071285#M56797 <P>HP replied elsewhere on this. Consider solved.</P> Fri, 17 May 2013 15:32:14 GMT https://community.hpe.com/t5/server-management-systems/system-management-homepage-vulnerability-question/m-p/6071285#M56797 DarrelJenkins 2013-05-17T15:32:14Z https://community.hpe.com/t5/server-management-systems/system-management-homepage-vulnerability-question/m-p/6109577#M57023 <P>Sorry for my lack of knowledge on this forum - could you post or link to where this concern was answered?&nbsp;</P><P>&nbsp;</P><P>If I don't have a solution then I will have to remove this software from a number of servers for regulatory/security compliance.&nbsp; I assume that this was started in repose to CERT advisory 735364: <A target="_blank" href="http://www.kb.cert.org/vuls/id/735364">http://www.kb.cert.org/vuls/id/735364</A></P><P>&nbsp;</P><P>The latest version: 7.2.1.3 dated 2013-May-21 is still reported to have this vulnerability due to the php.exe file.</P><P>&nbsp;</P><P>Thanks in advance.</P><P>&nbsp;</P> Fri, 21 Jun 2013 22:46:27 GMT https://community.hpe.com/t5/server-management-systems/system-management-homepage-vulnerability-question/m-p/6109577#M57023 Anwaar Bhatti 2013-06-21T22:46:27Z