Hp snmp Agents unknown details Cross-Site Scripting Vulnerability

Source: Internet
Author: User
Tags snmp

Release date:
Updated on:

Affected Systems:
Hp snmp Agent 8.7
Hp snmp Agent 8.0
Unaffected system:
Hp snmp Agent 9.0
Description:
--------------------------------------------------------------------------------
Bugtraq id: 53338
Cve id: CVE-2012-2001

Hp snmp Agents is a series of SNMP-based proxies and tools.

Two security vulnerabilities exist in the implementation of hp snmp Agents. Successful exploitation can lead to spoofing and cross-site scripting attacks.

1) Some inputs are returned to the user without verification, resulting in arbitrary HTML and script code execution in the affected site user's browser.

2) if some inputs are not verified, the user is redirected, causing the user to be redirected to any site.

<* Source: HP

Link: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp? ObjectID = c03301854

*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

HP
--
HP has released a Security Bulletin (HPSBMU02771) for this purpose and the corresponding patch:

HPSBMU02771: HPSBMU02771 SSRT100558 rev.1-hp snmp Agents for Linux, Remote Cross Site Scripting (XSS), URL Redirection

Link: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp? ObjectID = c03301854

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.