1. CVE-Search
  2. CVE-2007-3260
ID CVE-2007-3260
Summary HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
References
Vulnerable Configurations
  • cpe:2.3:a:hp:system_management_homepage:-:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:-:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
refmap via4
bid 24486
hp
  • HPSBMA02224
  • SSRT071334
osvdb 37513
sectrack 1018256
secunia 25689
vupen ADV-2007-2232
xf hp-smh-edirectory-unauthorized-access(34900)
Last major update 29-07-2017 - 01:32
Published 19-06-2007 - 18:30
Last modified 29-07-2017 - 01:32
Back to Top