语言:
https://www.zerodayinitiative.com/advisories/ZDI-13-204/
http://www.nessus.org/u?2031110c
https://www.securityfocus.com/archive/1/528723/30/0/threaded
https://www.imperialviolet.org/2011/09/23/chromeandbeast.html
严重性: High
ID: 69020
文件名: hpsmh_7_2_1_0.nasl
版本: 1.17
类型: remote
系列: Web Servers
发布时间: 2013/7/23
最近更新时间: 2022/12/5
配置: 启用全面检查
支持的传感器: Nessus
风险因素: High
分数: 7.4
风险因素: High
基本分数: 7.5
时间分数: 6.2
矢量: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 分数来源: CVE-2012-2335
CPE: cpe:/a:hp:system_management_homepage
必需的 KB 项: www/hp_smh
可利用: true
易利用性: Exploits are available
补丁发布日期: 2013/5/21
漏洞发布日期: 2011/8/31
Core Impact
Metasploit (PHP apache_request_headers Function Buffer Overflow)
CVE: CVE-2011-3389, CVE-2012-0883, CVE-2012-2110, CVE-2012-2311, CVE-2012-2329, CVE-2012-2335, CVE-2012-2336, CVE-2012-5217, CVE-2013-2355, CVE-2013-2356, CVE-2013-2357, CVE-2013-2358, CVE-2013-2359, CVE-2013-2360, CVE-2013-2361, CVE-2013-2362, CVE-2013-2363, CVE-2013-2364, CVE-2013-4821
BID: 49778, 53046, 53158, 53388, 53455, 61332, 61333, 61335, 61336, 61337, 61338, 61339, 61340, 61341, 61342, 61343, 62622
CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990
CERT: 895524
HP: HPSBMU02900, SSRT100696, SSRT100740, SSRT100835, SSRT100907, SSRT100992, SSRT101007, SSRT101076, SSRT101137, SSRT101150, SSRT101151, SSRT101209, SSRT101210, SSRT101254, emr_na-c03839862