首页 / 操作系统 / Linux / HP Service Manager身份验证绕过漏洞(CVE-2013-4808)
发布日期:2013-08-15 更新日期:2013-08-18受影响系统: HP Service Manager 9.21 HP Service Manager 7.11 描述: -------------------------------------------------------------------------------- BUGTRAQ ID: 61789 CVE(CAN) ID: CVE-2013-4808HP Service Manager是ITSM的核心软件。HP Service Manager v9.31, v9.30, v9.21, v7.11存在允许未经身份验证访问和权限提升漏洞,攻击者可利用此漏洞在未经身份验证的情况下访问受影响应用并以提升的权限执行未授权操作。<*来源:HP
链接:http://seclists.org/bugtraq/2013/Aug/120 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03888320 *>建议: -------------------------------------------------------------------------------- 厂商补丁:HP -- HP已经为此发布了一个安全公告(HPSBMU02915)以及相应补丁: HPSBMU02915:HP Service Manager, Remote Unauthenticated Access and Elevation of Privilege 链接:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03888320补丁下载:SM 9.31P2 Server platform Patch URLWindows Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00423HP Itanium Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00420Linux Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00421Solaris Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00422AIX Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00419SM 9.31P2 Web Tier Patch URLWeb Tier 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00424SM 9.30P5 Server platform Patch URLWindows Server 9.30.511 p5 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00351HP Itanium Server 9.30.511 p5 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00348Linux Server 9.30.511 p5 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00349Solaris Server 9.30.511 p5 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00350AIX Server 9.30.511 p5 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00347SM 9.30P5 Web Tier Patch URLWeb Tier 9.30.511 p5 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00352SM 9.30AP3 Applications Patch URLApplications 9.30 ap3 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00367SM 9.21P7 Server platform Patch URLWindows Server 9.21.624 p7 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00434HP Itanium Server 9.21.624 p7 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00430HP Parisc Server 9.21.624 p7 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00431Linux Server 9.21.624 p7 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00432Solaris Server 9.21.624 p7 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00433AIX Server 9.21.624 p7 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00429SM 9.21P7 Web Tier Patch URLWeb Tier 9.21.624 p7 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00435SM 9.21AP3 Applications Patch URLApplications 9.21 ap3 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00393SM 7.11P20 Server platform Patch URLWindows Server 7.11.604 p20 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00408HP Itanium Server 7.11.604 p20 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00404HP Parisc Server 7.11.604 p20 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00405Linux Server 7.11.604 p20 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00406Solaris Server 7.11.604 p20 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00407AIX Server 7.11.604 p20 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00403SM 7.11P20 Web Tier Patch URLWeb Tier 7.11.604 p20 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00409SM 7.11AP3 Applications Patch URLApplications 7.11 ap3 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00383SC6.2.8.12 Server platform Patch URLAix Server 6.2.8.12 http://support.openview.hp.com/selfsolve/document/LID/HPSC_00263HP Itanium Server 6.2.8.12 http://support.openview.hp.com/selfsolve/document/LID/HPSC_00264HP parisc Server 6.2.8.12 http://support.openview.hp.com/selfsolve/document/LID/HPSC_00265Linux Server 6.2.8.12 http://support.openview.hp.com/selfsolve/document/LID/HPSC_00266Solaris Server 6.2.8.12 http://support.openview.hp.com/selfsolve/document/LID/HPSC_00267Windows Server 6.2.8.12 http://support.openview.hp.com/selfsolve/document/LID/HPSC_00268SC6.2.8.12 Web Tier Patch URLWeb Tier 6.2.8.12 http://support.openview.hp.com/selfsolve/document/LID/HPSC_00269Juniper Junos Space 多个漏洞App Store 存在漏洞 恶意程序能轻易通过审批相关资讯 HP Service Manager
易网时代-编程资源站