---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: HP System Management Homepage PHP and Namazu Vulnerabilities SECUNIA ADVISORY ID: SA16322 VERIFY ADVISORY: http://secunia.com/advisories/16322/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, DoS, System access WHERE: >From local network SOFTWARE: HP System Management Homepage 2.x http://secunia.com/product/5490/ DESCRIPTION: HP has issued an update for System Management Homepage. This fixes some vulnerabilities in PHP and Namazu, which can be exploited by malicious people to cause a DoS (Denial of Service), conduct cross-site scripting attacks, or compromise a vulnerable system. For more information: SA13481 SA13600 The vulnerability has been reported in versions 2.0.0 through 2.0.2 for Microsoft Windows 2000, Windows 2003, and Linux. SOLUTION: Update to version 2.1.0 or later. Windows: http://h18000.www1.hp.com/support/files/server/us/download/23065.html Linux: http://h18000.www1.hp.com/support/files/server/us/download/23019.html ORIGINAL ADVISORY: SSRT5998: http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA01212 OTHER REFERENCES: SA13481: http://secunia.com/advisories/13481/ SA13600: http://secunia.com/advisories/13600/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------