In association with heise online

12 June 2013, 16:20

HP's "System Management Homepage" web interface vulnerable

Hewlett Packard's "System Management Homepage", a web management interface for ProLiant and Integrity servers, contains a critical security hole that enables remote authenticated attackers to inject commands into systems via specially crafted HTTP requests.

The server that provides the web interface inserts a portion of the requested address into an exec() command without checking it first. A sample request could look like this:

https://<host>:2381/smhutil/snmpchp.php.en/&&<cmd>&&echo (full file name)

HP was notified of the vulnerability on 19 April. However, Daimler TSS Offensive Security team member Markus Wulftange, who discovered the vulnerability, explained that the hole isn't easy to exploit because the "<", ">", "|" and "/" characters are not permitted. Until the hole is closed, these web interfaces should not be made accessible via the internet.
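For administrators who want to check whether their interface has received requests of the shape shown above, the following log check is an added example and not part of the original report or of HP's software. The combined access-log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request line inside a combined-format access log entry (log format is an assumption).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Script named in the report, followed by extra path data after the language suffix.
SCRIPT_RE = re.compile(r'/smhutil/snmpchp\.php[^/?]*/(?P<extra>.*)', re.IGNORECASE)
# Shell control sequences that have no place in the trailing path of this script.
SHELL_META_RE = re.compile(r'&&|\|\||[;`]|\$\(')


def fully_unquote(value, max_rounds=3):
    """Undo nested percent-encoding (e.g. %2526 -> %26 -> &)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_suspicious(log_line):
    """True if the line requests snmpchp.php with shell metacharacters in the trailing path."""
    request = REQUEST_RE.search(log_line)
    if not request:
        return False
    target = fully_unquote(request.group("target"))
    script = SCRIPT_RE.search(target)
    if not script:
        return False
    return bool(SHELL_META_RE.search(script.group("extra")))


# Constructed sample lines (not taken from a real system); CMD is a placeholder.
SAMPLE_LOG = [
    '192.0.2.10 - admin [12/Jun/2013:10:01:02 +0000] "GET /smhutil/snmpchp.php.en HTTP/1.1" 200 512',
    '192.0.2.77 - admin [12/Jun/2013:10:05:41 +0000] "GET /smhutil/snmpchp.php.en/&&CMD&&echo HTTP/1.1" 200 87',
    '192.0.2.77 - admin [12/Jun/2013:10:06:03 +0000] "GET /smhutil/snmpchp.php.en/%26%26CMD%26%26echo HTTP/1.1" 200 87',
    '192.0.2.10 - admin [12/Jun/2013:10:07:15 +0000] "GET /index.php?a=1&&b=2 HTTP/1.1" 200 1024',
]


def flag_lines(lines):
    return [line for line in lines if is_suspicious(line)]


if __name__ == "__main__":
    for hit in flag_lines(SAMPLE_LOG):
        print("SUSPICIOUS:", hit)
```

The check decodes percent-encoding before matching, so an encoded "&&" is flagged as well as a literal one, while "&&" in an unrelated URL is ignored.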

Markus Wulftange has previously reported security holes in HP's Insight Diagnostics server management tool.

