ID de Prueba:	1.3.6.1.4.1.25623.1.0.900403
Categoría:	Web application abuses
Título:	HP OpenView Network Node Manager XSS Vulnerability
Resumen:	HP OpenView Network Node Manager is prone to a cross-site scripting (XSS) vulnerability.
Descripción:	Summary: HP OpenView Network Node Manager is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: The flaws are due to errors in HP OpenView NNM 'Network Node Manager' program. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary codes. Affected Software/OS: HP OpenView Network Node Manager versions 7.01, 7.51 and 7.53 on HP-UX, Linux, and Solaris. Solution: Apply available patches or updates released by the vendor. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5000 AIX APAR: PK58024 http://www-1.ibm.com/support/docview.wss?uid=swg1PK58024 AIX APAR: PK58074 http://www-1.ibm.com/support/docview.wss?uid=swg1PK58074 AIX APAR: PK63273 http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273 AIX APAR: PK65782 http://www-1.ibm.com/support/docview.wss?uid=swg24019245 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html BugTraq ID: 26838 http://www.securityfocus.com/bid/26838 Bugtraq: 20080716 rPSA-2008-0035-1 httpd mod_ssl (Google Search) http://www.securityfocus.com/archive/1/494428/100/0/threaded Bugtraq: 20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server (Google Search) http://www.securityfocus.com/archive/1/505990/100/0/threaded Cert/CC Advisory: TA08-150A http://www.us-cert.gov/cas/techalerts/TA08-150A.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html HPdes Security Advisory: HPSBMA02388 http://www.securityfocus.com/archive/1/498523/100/0/threaded HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: HPSBUX02308 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 HPdes Security Advisory: SSRT080010 HPdes Security Advisory: SSRT080059 HPdes Security Advisory: SSRT090208 http://www.mandriva.com/security/advisories?name=MDVSA-2008:014 http://www.mandriva.com/security/advisories?name=MDVSA-2008:015 http://www.mandriva.com/security/advisories?name=MDVSA-2008:016 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E http://lists.vmware.com/pipermail/security-announce/2009/000062.html http://www.osvdb.org/39134 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9539 http://www.redhat.com/support/errata/RHSA-2008-0004.html http://www.redhat.com/support/errata/RHSA-2008-0005.html http://www.redhat.com/support/errata/RHSA-2008-0006.html http://www.redhat.com/support/errata/RHSA-2008-0007.html http://www.redhat.com/support/errata/RHSA-2008-0008.html http://www.redhat.com/support/errata/RHSA-2008-0009.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://securitytracker.com/id?1019093 http://secunia.com/advisories/28046 http://secunia.com/advisories/28073 http://secunia.com/advisories/28081 http://secunia.com/advisories/28196 http://secunia.com/advisories/28375 http://secunia.com/advisories/28467 http://secunia.com/advisories/28471 http://secunia.com/advisories/28525 http://secunia.com/advisories/28526 http://secunia.com/advisories/28607 http://secunia.com/advisories/28749 http://secunia.com/advisories/28750 http://secunia.com/advisories/28922 http://secunia.com/advisories/28977 http://secunia.com/advisories/29420 http://secunia.com/advisories/29640 http://secunia.com/advisories/29806 http://secunia.com/advisories/29988 http://secunia.com/advisories/30356 http://secunia.com/advisories/30430 http://secunia.com/advisories/30732 http://secunia.com/advisories/31142 http://secunia.com/advisories/32800 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748 http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1 SuSE Security Announcement: SUSE-SA:2008:021 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html http://www.ubuntu.com/usn/usn-575-1 http://www.vupen.com/english/advisories/2007/4201 http://www.vupen.com/english/advisories/2007/4202 http://www.vupen.com/english/advisories/2007/4301 http://www.vupen.com/english/advisories/2008/0084 http://www.vupen.com/english/advisories/2008/0178 http://www.vupen.com/english/advisories/2008/0398 http://www.vupen.com/english/advisories/2008/0809/references http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/1224/references http://www.vupen.com/english/advisories/2008/1623/references http://www.vupen.com/english/advisories/2008/1697 http://www.vupen.com/english/advisories/2008/1875/references XForce ISS Database: apache-modimagemap-xss(39002) https://exchange.xforce.ibmcloud.com/vulnerabilities/39002 XForce ISS Database: apache-modimap-xss(39001) https://exchange.xforce.ibmcloud.com/vulnerabilities/39001 Common Vulnerability Exposure (CVE) ID: CVE-2007-6388 AIX APAR: PK59667 http://www-1.ibm.com/support/search.wss?rs=0&q=PK59667&apar=only AIX APAR: PK62966 http://www-1.ibm.com/support/docview.wss?uid=swg1PK62966 BugTraq ID: 27237 http://www.securityfocus.com/bid/27237 HPdes Security Advisory: HPSBUX02313 http://www.securityfocus.com/archive/1/488082/100/0/threaded HPdes Security Advisory: SSRT080015 https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10272 http://securitytracker.com/id?1019154 http://secunia.com/advisories/28965 http://secunia.com/advisories/29504 http://secunia.com/advisories/33200 http://securityreason.com/securityalert/3541 http://www.vupen.com/english/advisories/2008/0047 http://www.vupen.com/english/advisories/2008/0447/references http://www.vupen.com/english/advisories/2008/0554 http://www.vupen.com/english/advisories/2008/0986/references XForce ISS Database: apache-status-page-xss(39472) https://exchange.xforce.ibmcloud.com/vulnerabilities/39472
Copyright	Copyright (C) 2008 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.