CVE-2006-1023 - Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Wind

CVE-2006-1023

Summary

Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors. This vulnerability affects all versions of HP, System Management Homepage from 2.0.0 through 2.1.4. This vulnarebility is only present in the following Windows OS environments: Microsoft Windows 2000, 2003, 2003 for x64, 2003 for Itanium and also Windows XP.

References

Vulnerable Configurations

cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 18-10-2018 - 16:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	16876
hp	HPSBMA02099 SSRT061118
sectrack	1015692
secunia	19059
vupen	ADV-2006-0769
xf	hp-system-managemenet-homepage-dir-traversal(24996)

Last major update

18-10-2018 - 16:30

Published

07-03-2006 - 00:02

Last modified

18-10-2018 - 16:30