‘HP Insight Diagnostics Online Edition Cross Site Scripting Vulnerability’

Summary

A Cross Site Scripting vulnerability was discovered in HP Insight Diagnostics.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02492472


Details

Vulnerable Systems:
 * HP Insight Diagnostics Online Edition 8.4 and earlier

Immune Systems:
 * HP Insight Diagnostics Online edition 8.5.0-11 or subsequent

A potential security vulnerability has been identified with HP Insight Diagnostics Online Edition running on Linux. The vulnerability could be exploited remotely resulting in cross site scripting.

Patch Availability:
The vulnerability in HP Insight Diagnostics Online Edition can be resolved by installing HP Insight Diagnostics Online Edition 8.5.0-11 from the HP ProLiant Support Pack 8.50 for Linux.
Note: The ProLiant Support Pack is available from www.hp.com by selecting ‘Support & Drivers’ , select ‘Download drivers and software (and firmware)’ and then enter ‘Proliant Support Pack’ for the product.

CVE Information:
CVE-2010-3003

Disclosure Timeline:
Release Date: 2010-08-30
Last Updated: 2010-08-30′

Categories: UNIX