CVE-2008-4413

Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions.

CVSS v2.0 6.2 MEDIUM

6.2^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:N

Exploitability : 3.1 / Impact : 9.2

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact NONE

References

Link	Resource
http://marc.info/?l=bugtraq&m=122581539223159&w=2
http://osvdb.org/49521
http://secunia.com/advisories/32544	Vendor Advisory
http://securityreason.com/securityalert/4545
http://www.securitytracker.com/id?1021133
http://www.vupen.com/english/advisories/2008/2999
https://exchange.xforce.ibmcloud.com/vulnerabilities/46313

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:hp:hp-ux:11.11:::::::*
	cpe:2.3:o:hp:hp-ux:11.23:::::::*

OR	cpe:2.3:a:hp:system_management_homepage::::::::
	cpe:2.3:a:hp:system_management_homepage:2.0.0:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.0.1:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.0.2:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.0-103:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.0-109:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.0-118:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.1:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.2:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.2-127:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.3:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.3.132:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.4:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.4-143:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.5:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.5-146:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.6:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.6-156:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.7:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.7-168:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.8:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.8-177:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.9:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.9-178:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.10:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.10-186:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.11:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.11-197:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.12-118:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.12-200:::::::*

Configuration 2 (hide)

AND

OR	cpe:2.3:a:hp:system_management_homepage::::::::
	cpe:2.3:a:hp:system_management_homepage:2.0.0:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.0.1:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.0.2:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.0-103:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.0-109:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.0-118:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.1:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.2:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.2-127:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.3:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.3.132:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.4:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.4-143:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.5:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.5-146:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.6:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.6-156:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.7:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.7-168:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.8:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.8-177:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.9:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.9-178:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.10:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.10-186:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.11:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.11-197:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.12-118:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.1.12-200:::::::*
	cpe:2.3:a:hp:system_management_homepage:2.2.6:::::::*

OR	cpe:2.3:o:hp:hp-ux:11.11:::::::*
	cpe:2.3:o:hp:hp-ux:11.23:::::::*
	cpe:2.3:o:hp:hp-ux:11.31:::::::*

History

No history.

Information

Published : 2008-11-04 18:29

Updated : 2023-12-10 10:51

NVD link : CVE-2008-4413

Mitre link : CVE-2008-4413

CVE.ORG link : CVE-2008-4413

JSON object : View

Products Affected

system_management_homepage
hp-ux

CWE

CWE-264

Permissions, Privileges, and Access Controls

6.2 /10