VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-3011

system_management_homepage: CRLF injection vulnerability in HP System Managemen...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3011

Original

CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-09-17

Source Information Category:

Advisory, Alert

Last Updated:

2010-09-20

Affected Product Tags

cpe:/a:hp:system_management_homepage:2.0.0

cpe:/a:hp:system_management_homepage:2.0.1

cpe:/a:hp:system_management_homepage:2.0.1.104

cpe:/a:hp:system_management_homepage:2.0.2

cpe:/a:hp:system_management_homepage:2.0.2.106

cpe:/a:hp:system_management_homepage:2.1

cpe:/a:hp:system_management_homepage:2.1.0-103

cpe:/a:hp:system_management_homepage:2.1.0-103%28a%29

cpe:/a:hp:system_management_homepage:2.1.0-109

cpe:/a:hp:system_management_homepage:2.1.0-118

cpe:/a:hp:system_management_homepage:2.1.0.121

cpe:/a:hp:system_management_homepage:2.1.1

cpe:/a:hp:system_management_homepage:2.1.10

cpe:/a:hp:system_management_homepage:2.1.10-186

cpe:/a:hp:system_management_homepage:2.1.10.186

cpe:/a:hp:system_management_homepage:2.1.10.186:b

cpe:/a:hp:system_management_homepage:2.1.10.186:c

cpe:/a:hp:system_management_homepage:2.1.11

cpe:/a:hp:system_management_homepage:2.1.11-197

cpe:/a:hp:system_management_homepage:2.1.11.197:a

cpe:/a:hp:system_management_homepage:2.1.12-118

cpe:/a:hp:system_management_homepage:2.1.12-200

cpe:/a:hp:system_management_homepage:2.1.12.201

cpe:/a:hp:system_management_homepage:2.1.14.20

cpe:/a:hp:system_management_homepage:2.1.15-210

cpe:/a:hp:system_management_homepage:2.1.15.210

cpe:/a:hp:system_management_homepage:2.1.2

cpe:/a:hp:system_management_homepage:2.1.2-127

cpe:/a:hp:system_management_homepage:2.1.2.127

cpe:/a:hp:system_management_homepage:2.1.3

cpe:/a:hp:system_management_homepage:2.1.3.132

cpe:/a:hp:system_management_homepage:2.1.4

cpe:/a:hp:system_management_homepage:2.1.4-143

cpe:/a:hp:system_management_homepage:2.1.4.143

cpe:/a:hp:system_management_homepage:2.1.5

cpe:/a:hp:system_management_homepage:2.1.5-146

cpe:/a:hp:system_management_homepage:2.1.5.146

cpe:/a:hp:system_management_homepage:2.1.5.146:b

cpe:/a:hp:system_management_homepage:2.1.6

cpe:/a:hp:system_management_homepage:2.1.6-156

cpe:/a:hp:system_management_homepage:2.1.6.156

cpe:/a:hp:system_management_homepage:2.1.7

cpe:/a:hp:system_management_homepage:2.1.7-168

cpe:/a:hp:system_management_homepage:2.1.7.168

cpe:/a:hp:system_management_homepage:2.1.8

cpe:/a:hp:system_management_homepage:2.1.8-177

cpe:/a:hp:system_management_homepage:2.1.8.179

cpe:/a:hp:system_management_homepage:2.1.9

cpe:/a:hp:system_management_homepage:2.1.9-178

cpe:/a:hp:system_management_homepage:2.2.6

cpe:/a:hp:system_management_homepage:2.2.8

cpe:/a:hp:system_management_homepage:3.0.0-68

cpe:/a:hp:system_management_homepage:3.0.0.64

cpe:/a:hp:system_management_homepage:3.0.1-73

cpe:/a:hp:system_management_homepage:3.0.1.73

cpe:/a:hp:system_management_homepage:3.0.2-77

cpe:/a:hp:system_management_homepage:3.0.2.77

cpe:/a:hp:system_management_homepage:3.0.2.77:b

cpe:/a:hp:system_management_homepage:6.0

cpe:/a:hp:system_management_homepage:6.0.0-95

cpe:/a:hp:system_management_homepage:6.0.0.96

cpe:/a:hp:system_management_homepage:6.1 and previous versions

cpe:/a:hp:system_management_homepage:6.1.0-103

cpe:/a:hp:system_management_homepage:6.1.0.102

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

HP HPSBMA02568

HP SSRT100219

SECUNIA 41490

SECUNIA 41480

Vulnerability Type Input Validation (CWE-20)