Detections
Analytics
HP System Management Homepage ginkgosnmp.inc Command Injection
high Nessus Plugin ID 70118
Language:
Synopsis
The remote web server is affected by a command injection vulnerability.Description
According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote web server is earlier than 7.2.2 and is, therefore, reportedly affected by a command injection vulnerability.An input validation error exists in the file 'ginkgosnmp.inc' related to the last segment in a requested URL path. This input is later used in an 'exec' call and could allow an authenticated attacker to execute arbitrary commands.
Solution
Upgrade to HP System Management Homepage 7.2.2 or later.See Also
http://www.nessus.org/u?3dbce491
https://www.securityfocus.com/archive/1/528713/30/0/threaded
Plugin Details
Severity: High
ID: 70118
File Name: hpsmh_ginkgosnmp_cmd_injection.nasl
Version: 1.13
Type: remote
Family: Web Servers
Published: 9/25/2013
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:hp:system_management_homepage
Required KB Items: www/hp_smh
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 9/10/2013
Vulnerability Publication Date: 6/11/2013
Exploitable With
CANVAS (D2ExploitPack)
Core Impact
Metasploit (HP System Management Homepage JustGetSNMPQueue Command Injection)
Elliot (HP System Management Homepage RCE)
Reference Information
CVE: CVE-2013-3576
BID: 60471
CERT: 735364