HP System Management Homepage < 7.5.4.3 AddCertsToTrustCfgList DoS

low Nessus Plugin ID 91260

Synopsis

An application running on the remote web server is affected by a denial of service vulnerability.

Description

The version of HP System Management Homepage (SMH) hosted on the remote web server is prior to 7.5.4.3. It is, therefore, affected by a flaw in the AddCertsToTrustCfgList() function within file mod_smh_config.so due to improper extraction of the common name in the subject when processing X.509 certificates. An unauthenticated, remote attacker can exploit this issue, via a crafted certificate, to cause a denial of service condition. Note that to exploit this vulnerability, the 'Trust Mode' setting must be configured with 'Trust All', the 'IP Restricted login' setting must allow the attacker to access SMH, and the 'Kerberos Authorization' (Windows only) setting must be disabled.

Solution

Upgrade to HP System Management Homepage (SMH) version 7.5.4.3 or later.

See Also

https://www.tenable.com/security/research/tra-2016-14

Plugin Details

Severity: Low

ID: 91260

File Name: hpsmh_7_5_4_3.nasl

Version: 1.6

Type: remote

Family: Web Servers

Published: 5/19/2016

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:hp:system_management_homepage

Required KB Items: Settings/ParanoidReport, www/hp_smh

Patch Publication Date: 4/1/2016

Vulnerability Publication Date: 5/5/2016

Reference Information