
HPSMH for HP-UX11.23 security flaw

 
Matthias Schündehütte
Occasional Advisor


Hi all,

 

I'm running "HP System Management Homepage" (HPSMH) on one of our Integrity Servers.

The SW is named "SysMgmtWeb  A.3.2.1" and the server is an 'rx1620' running HP-UX B.11.23.

 

Just this morning I got a security complaint from our corporate IT department (see below).

Does anyone have an idea how to fix that, other than switching off the whole thing?

 

 

***********************************************

Vulnerability Details

 

Date: Fri 2 Nov 2012 03:38:54 MET

Vuln#: 1CN10815

Vulnerability: Web Server Generic XSS

ToDo: Contact the vendor for a patch or upgrade.

CertRef:

Tool Reference:

http://www.nessus.org/plugins/index.php?view=single&id=10815

Comment:

Counted in:

Monitor:

NessusOutput: Port: 2301/tcp

The request string used to detect this flaw was :

 

/cgi-bin/?<script>cross_site_scripting.nasl</script>

 

The output was :

 

HTTP/1.1 200 OK

Date: Fri Nov  2 04:37:00 MET 2012

Server: HPSMH

Cache-Control: no-cache

Connection: close

Content-Type: text/html; charset=iso-8859-1

 

 

<META HTTP-EQUIV="Expires" CONTENT="0">

<title>System Management Homepage</TITLE>

<meta http-equiv="REFRESH" CONTENT="0;URL=https://blnn721x.ww004.xxxxxxx.net:2381/cgi-bin/?<script>cross_site_scripting.nasl</script>">

<style>

table.applicationMastheadSmall;table.applicationMastheadSmall td;t [...]

CVE: CVE-2002-1700, CVE-2003-1543, CVE-2005-2453, CVE-2006-1681

 

End of Vulnerability Details

***********************************************

 
 
with best regards
 
Matthias
 
 
P.S. This thread has been moved from Servers > Integrity Servers to HP-UX > security - HP Forums Moderator
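
One way to re-test this finding against a saved response once a patch or upgrade is in place, as an added example that is not part of the original post and is not HP or Nessus code. The probe string and port 2381 come from the Nessus output above; `smh.example.net` is a placeholder host, and `build_response` is a hypothetical model of the redirect page that stands in for a real captured response.

```python
import html
from urllib.parse import quote

# Probe string and redirect port taken from the Nessus output in the post.
PROBE = "<script>cross_site_scripting.nasl</script>"
REQUEST_URI = "/cgi-bin/?" + PROBE
HOST = "smh.example.net"  # placeholder host, not the one in the report


def build_response(request_uri, encode):
    """Hypothetical model of the 2301 -> 2381 redirect page (not HPSMH code).

    encode=False echoes the request URI verbatim, as in the reported output.
    encode=True percent-encodes it and escapes it for the HTML attribute.
    """
    uri = quote(request_uri, safe="/?&=") if encode else request_uri
    target = f"https://{HOST}:2381{uri}"
    if encode:
        target = html.escape(target, quote=True)
    return (
        "HTTP/1.1 200 OK\r\nServer: HPSMH\r\n"
        "Content-Type: text/html; charset=iso-8859-1\r\n\r\n"
        "<title>System Management Homepage</title>\n"
        f'<meta http-equiv="REFRESH" CONTENT="0;URL={target}">\n'
    )


def classify_reflection(raw_response, probe=PROBE):
    """Return 'raw', 'encoded' or 'absent' for the probe in the response body."""
    # Split headers from body so a header echo is not counted as a body reflection.
    _, _, body = raw_response.replace("\r\n", "\n").partition("\n\n")
    if probe in body:
        return "raw"  # unencoded echo: the condition the scanner reports
    encoded_forms = (html.escape(probe), quote(probe), quote(probe, safe=""))
    if any(form in body for form in encoded_forms):
        return "encoded"  # echoed, but HTML-escaped or percent-encoded
    return "absent"


if __name__ == "__main__":
    for label, encode in (("as reported", False), ("encoded echo", True)):
        result = classify_reflection(build_response(REQUEST_URI, encode))
        print(f"{label}: {result}")
```

To use it on a real capture, pass the saved response text (headers and body) to `classify_reflection` instead of the output of `build_response`.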
Ralf Seefeldt
Valued Contributor

Re: HPSMH for HP-UX11.23 security flaw

Hi Matthias,

I would check the patch status of your server. Especially the patch status of the web server(s) installed. HP comes with a webserver for the SMH. There may be other webservers, too.

Do you have password protection for your SMH? Is it accessible from a limited subnet only or from everywhere in your company or even from outside your company?
Considering this, the problem could be less acute. Talk with your IT department.
Do they want the problem to be solved immediately or do they only try to raise awareness?

Bye
Ralf