‘HP System Management Homepage (SMH) Disclosure of Sensitive Information Vulnerability’

Summary

A potential security vulnerability has been identified with HP System Management Homepage (SMH) for Linux.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02475053


Details

Vulnerable Systems:
 * HP System Management Homepage for Linux (x86) v6.0 and v6.1 only
 * HP System Management Homepage for Linux (AMD64/EM64T) v6.0 and v6.1 only

Immune Systems:
 * HP System Management Homepage for Linux (x86) v6.2 or subsequent
 * HP System Management Homepage for Linux (AMD64/EM64T) v6.2 or subsequent

The vulnerability could be exploited remotely by an authorized user to gain access to sensitive information. The sensitive information could allow root access to the Linux system running SMH.

CVE Information:
CVE-2010-3009

Disclosure Timeline:
Release Date: 2010-09-13
Last Updated: 2010-09-13′

Categories: UNIX