ID CVE-2012-0135
Summary Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors.
References
Vulnerable Configurations
  • HP System Management Homepage 2.1.3
    cpe:2.3:a:hp:system_management_homepage:2.1.3
  • HP System Management Homepage 2.1.2
    cpe:2.3:a:hp:system_management_homepage:2.1.2
  • HP System Management Homepage 2.1.0-118
    cpe:2.3:a:hp:system_management_homepage:2.1.0-118
  • HP System Management Homepage 2.1.12-118
    cpe:2.3:a:hp:system_management_homepage:2.1.12-118
  • HP System Management Homepage 2.1.0-103(a)
    cpe:2.3:a:hp:system_management_homepage:2.1.0-103%28a%29
  • HP System Management Homepage 2.1.0-109
    cpe:2.3:a:hp:system_management_homepage:2.1.0-109
  • HP System Management Homepage 2.1.0-103
    cpe:2.3:a:hp:system_management_homepage:2.1.0-103
  • HP System Management Homepage 2.1.10-186
    cpe:2.3:a:hp:system_management_homepage:2.1.10-186
  • HP System Management Homepage 2.1.9-178
    cpe:2.3:a:hp:system_management_homepage:2.1.9-178
  • HP System Management Homepage 2.1.8-177
    cpe:2.3:a:hp:system_management_homepage:2.1.8-177
  • HP System Management Homepage 2.1.7-168
    cpe:2.3:a:hp:system_management_homepage:2.1.7-168
  • HP System Management Homepage 2.1.6-156
    cpe:2.3:a:hp:system_management_homepage:2.1.6-156
  • HP System Management Homepage 2.1.5-146
    cpe:2.3:a:hp:system_management_homepage:2.1.5-146
  • HP System Management Homepage 2.1.4-143
    cpe:2.3:a:hp:system_management_homepage:2.1.4-143
  • HP System Management Homepage 2.1.15-210
    cpe:2.3:a:hp:system_management_homepage:2.1.15-210
  • HP System Management Homepage 2.1.2-127
    cpe:2.3:a:hp:system_management_homepage:2.1.2-127
  • HP System Management Homepage 2.1.12-200
    cpe:2.3:a:hp:system_management_homepage:2.1.12-200
  • HP System Management Homepage 2.1.11-197
    cpe:2.3:a:hp:system_management_homepage:2.1.11-197
  • HP System Management Homepage 6.0.0.96
    cpe:2.3:a:hp:system_management_homepage:6.0.0.96
  • HP System Management Homepage 6.0.0-95
    cpe:2.3:a:hp:system_management_homepage:6.0.0-95
  • HP System Management Homepage 6.0
    cpe:2.3:a:hp:system_management_homepage:6.0
  • HP System Management Homepage 2.2.6
    cpe:2.3:a:hp:system_management_homepage:2.2.6
  • HP System Management Homepage 2.2.8
    cpe:2.3:a:hp:system_management_homepage:2.2.8
  • HP System Management Homepage 3.0.2-77
    cpe:2.3:a:hp:system_management_homepage:3.0.2-77
  • HP System Management Homepage 2.1.8
    cpe:2.3:a:hp:system_management_homepage:2.1.8
  • HP System Management Homepage 3.0.1-73
    cpe:2.3:a:hp:system_management_homepage:3.0.1-73
  • HP System Management Homepage 2.1.0.121
    cpe:2.3:a:hp:system_management_homepage:2.1.0.121
  • HP System Management Homepage 2.1.5
    cpe:2.3:a:hp:system_management_homepage:2.1.5
  • HP System Management Homepage 2.0.2.106
    cpe:2.3:a:hp:system_management_homepage:2.0.2.106
  • HP System Management Homepage 2.1.6
    cpe:2.3:a:hp:system_management_homepage:2.1.6
  • HP System Management Homepage 2.0.1.104
    cpe:2.3:a:hp:system_management_homepage:2.0.1.104
  • HP System Management Homepage 2.1.7
    cpe:2.3:a:hp:system_management_homepage:2.1.7
  • HP System Management Homepage 2.1.9
    cpe:2.3:a:hp:system_management_homepage:2.1.9
  • HP System Management Homepage 2.1.5.146:b
    cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b
  • HP System Management Homepage 6.1
    cpe:2.3:a:hp:system_management_homepage:6.1
  • HP System Management Homepage 2.1.5.146
    cpe:2.3:a:hp:system_management_homepage:2.1.5.146
  • HP System Management Homepage 2.1.4.143
    cpe:2.3:a:hp:system_management_homepage:2.1.4.143
  • HP System Management Homepage 2.1.2.127
    cpe:2.3:a:hp:system_management_homepage:2.1.2.127
  • HP System Management Homepage 2.1.10.186:b
    cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b
  • HP System Management Homepage 2.0.1
    cpe:2.3:a:hp:system_management_homepage:2.0.1
  • HP System Management Homepage 2.1.10.186:c
    cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c
  • HP System Management Homepage 2.0.2
    cpe:2.3:a:hp:system_management_homepage:2.0.2
  • HP System Management Homepage 2.1.11.197:a
    cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a
  • HP System Management Homepage 2.1.12.201
    cpe:2.3:a:hp:system_management_homepage:2.1.12.201
  • HP System Management Homepage 2.0.0
    cpe:2.3:a:hp:system_management_homepage:2.0.0
  • HP System Management Homepage 2.1.3.132
    cpe:2.3:a:hp:system_management_homepage:2.1.3.132
  • HP System Management Homepage 2.1.6.156
    cpe:2.3:a:hp:system_management_homepage:2.1.6.156
  • HP System Management Homepage 2.1.4
    cpe:2.3:a:hp:system_management_homepage:2.1.4
  • HP System Management Homepage 2.1.7.168
    cpe:2.3:a:hp:system_management_homepage:2.1.7.168
  • HP System Management Homepage 2.1
    cpe:2.3:a:hp:system_management_homepage:2.1
  • HP System Management Homepage 2.1.8.179
    cpe:2.3:a:hp:system_management_homepage:2.1.8.179
  • HP System Management Homepage 2.1.10.186
    cpe:2.3:a:hp:system_management_homepage:2.1.10.186
  • HP System Management Homepage 2.1.1
    cpe:2.3:a:hp:system_management_homepage:2.1.1
  • HP System Management Homepage 6.1.0.102
    cpe:2.3:a:hp:system_management_homepage:6.1.0.102
  • HP System Management Homepage 2.1.14.20
    cpe:2.3:a:hp:system_management_homepage:2.1.14.20
  • HP System Management Homepage 2.1.15.210
    cpe:2.3:a:hp:system_management_homepage:2.1.15.210
  • HP System Management Homepage 3.0.0.64
    cpe:2.3:a:hp:system_management_homepage:3.0.0.64
  • HP System Management Homepage 3.0.2.77:b
    cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b
  • HP System Management Homepage 3.0.2.77
    cpe:2.3:a:hp:system_management_homepage:3.0.2.77
  • HP System Management Homepage 2.1.11
    cpe:2.3:a:hp:system_management_homepage:2.1.11
  • HP System Management Homepage 2.1.10
    cpe:2.3:a:hp:system_management_homepage:2.1.10
  • HP System Management Homepage 3.0.0-68
    cpe:2.3:a:hp:system_management_homepage:3.0.0-68
  • HP System Management Homepage 3.0.1.73
    cpe:2.3:a:hp:system_management_homepage:3.0.1.73
  • HP System Management Homepage 6.1.0-103
    cpe:2.3:a:hp:system_management_homepage:6.1.0-103
CVSS
Base: 3.5 (as of 18-04-2012 - 12:24)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
NASL family Web Servers
NASL id HPSMH_7_0_0_24.NASL
description According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote host is earlier than 7.0. As such, it is reportedly affected by the following vulnerabilities : - An error exists in the 'generate-id' function in the bundled libxslt library that can allow disclosure of heap memory addresses. (CVE-2011-0195) - An unspecified input validation error exists and can allow cross-site request forgery attacks. (CVE-2011-3846) - Unspecified errors can allow attackers to carry out denial of service attacks via unspecified vectors. (CVE-2012-0135, CVE-2012-1993) - The bundled version of PHP contains multiple vulnerabilities. (CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1938, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3267, CVE-2011-3268) - The bundled version of Apache contains multiple vulnerabilities. (CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2011-0419, CVE-2011-1928, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639) - OpenSSL libraries are contained in several of the bundled components and contain multiple vulnerabilities. (CVE-2011-0014, CVE-2011-1468, CVE-2011-1945, CVE-2011-3207,CVE-2011-3210) - Curl libraries are contained in several of the bundled components and contain multiple vulnerabilities. (CVE-2009-0037, CVE-2010-0734, CVE-2011-2192)
last seen 2019-02-21
modified 2018-11-15
plugin id 58811
published 2012-04-20
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=58811
title HP System Management Homepage < 7.0 Multiple Vulnerabilities
refmap via4
hp
  • HPSBMU02764
  • SSRT100827
sectrack 1026925
xf hp-system-homepage-dos(74917)
Last major update 03-01-2013 - 23:34
Published 18-04-2012 - 06:33
Last modified 28-08-2017 - 21:30
Back to Top