HP System Management Homepage ginkgosnmp.inc Command Injection

Added: 07/26/2013
CVE: CVE-2013-3576
BID: 60471
OSVDB: 94191

Background

HP System Management Homepage (SMH) is a web-based interface that consolidates the management of ProLiant and Integrity servers.

Problem

A vulnerability in HP SMH ginkgosnmp.inc script allows command execution by a remote authenticated attacker because it fails to sanitize the requested URL path information used in an exec call.

Resolution

Apply a patch from the vendor when one becomes available.

References

http://www.kb.cert.org/vuls/id/735364

Limitations

This exploit was tested against HP System Management 7.1.1.1 on Windows Server 2003 SP2 English (DEP OptOut) and Windows Server 2008 SP2 (DEP OptOut).

HP System Management must be configured with Anonymous access enabled, or valid user credentials to the web interface must be provided in order for this exploit to succeed.

Platforms

Windows

Back to exploit index