ProLiant Servers (ML,DL,SL)
cancel
Showing results for 
Search instead for 
Did you mean: 

Agents/SMH Cross Site Scripting Vulnerability

SOLVED
Go to solution
CG_2
Frequent Advisor

Agents/SMH Cross Site Scripting Vulnerability

Hello,

I just scanned my VMware ESX v2.5.1 server with Nessus v2.2.4 with current plugins as of 1 June 2004.

It says that the 'web server' on ports 2301 and 2381 (System Management Homepage) is vulnerable to the "Cross Site Scripting Vulnerability", CVE-2002-1060.

Is this true, or is my scanner just giving me a false positive?

I have the v7.2 PSP for ESX installed.
ESX and the PSP were a fresh install onto bare metal.
2 REPLIES
David Claypool
Honored Contributor
Solution

Re: Agents/SMH Cross Site Scripting Vulnerability

Here is the CVE entry: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1060

The vulnerability reported here was in regards to a "CacheFlow CacheOS" problem and not the Insight agents. This is a false positive.
CG_2
Frequent Advisor

Re: Agents/SMH Cross Site Scripting Vulnerability

Thanks David.