---------------------------------------------------------------------- Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/ ---------------------------------------------------------------------- TITLE: HP System Management Homepage Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA38341 VERIFY ADVISORY: http://secunia.com/advisories/38341/ DESCRIPTION: Richard Brain has reported a vulnerability in HP System Management Homepage, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "servercert" parameter in smhui/getuiinfo (when "JS" is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 6.0. SOLUTION: Fixed in version 6.0.0.96 for Windows and version 6.0.0.95 for Linux. HP System Management Homepage v6.0.0.96 for Windows: http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4064&swLang=8&mode=2&taskId=135&swItem=MTX-24b3c024ec034eee9a16c3cb3c HP System Management Homepage for Linux (x86) v6.0.0-95: http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4048&swLang=8&mode=2&taskId=135&swItem=MTX-07a54b93a826424faf044ba986 HP System Management Homepage for Linux (AMD64/EM64T) v6.0.0-95: http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4049&swLang=8&mode=2&taskId=135&swItem=MTX-0ac5d5c51abe472da22373a2f5 PROVIDED AND/OR DISCOVERED BY: Richard Brain of ProCheckUp Ltd ORIGINAL ADVISORY: ProCheckUp Ltd: http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15 HPSBMA02504 SSRT090220: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02000727 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------