
Mailing List Archive: Nessus: users

Links dead in plugin ID 22225

 

 



ngrandbois at microsolved

Oct 2, 2008, 7:37 AM

Links dead in plugin ID 22225

Both links for more information are "dead" in this plugin.

results|x.x.x|y.y.y.y|personal-agent (5555/tcp)|22225|Security
Hole|Synopsis :\n\nIt is possible to execute code on the remote host
through the backup\nagent. \n\nDescription :\n\nThe remote version of HP
OpenView Data Protector is vulnerable to an\nauthentication bypass
vulnerability. By sending specially-crafted\nrequests to the remote
host, an attacker may be able to execute\nunauthorized Backup commands.
Due to the nature of the software, a\nsuccessful exploitation of this
vulnerability could result in remote\ncode execution. \n\nSee also :
\n\nhttp://www.niscc.gov.uk/niscc/docs/br-20060811-00550.html [1]
\n\nSolution :\n\nIf this service is not needed, disable it or filter
incoming traffic\nto this port. HP has released a set of patches for
Data Protector\n5.10 and
5.50:\n\nhttp://itrc.hp.com/service/cki/docDisplay.do?docId=c00742778
[2]\n\n / CVSS Base Score : 7.5\n(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)\nCVE
: CVE-2006-4201\nBID : 19495\n

[1] http://www.niscc.gov.uk/niscc/docs/br-20060811-00550.html is a 404.
[2] http://itrc.hp.com/service/cki/docDisplay.do?docId=c00742778
requires registration.

Of course, the CVE entry and BID are correct. Perhaps updating the link
[1] to be http://www.kb.cert.org/vuls/id/673228 would be more useful?
Link [2] could be updated to
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00742778&jumpid=reg_R1002_USEN,
which is a URL from HP that does not require registration.

This is a Tenable-maintained plugin, or I would have contacted the author.
--
_______________________________________________________________________
Nathan Grandbois, CISSP ngrandbois [at] microsolved
Security Analyst (614) 351-1237 x 212
PGP Key Available by Request
MicroSolved is security expertise you can trust!

HoneyPoint Security Server
Attackers get stung, instead of you!
http://www.microsolved.com/honeypoint


theall at tenablesecurity

Oct 2, 2008, 8:51 AM

Re: Links dead in plugin ID 22225

On Oct 2, 2008, at 10:37 AM, Nathan Grandbois wrote:

> Both links for more information are "dead" in this plugin.
...
> Of course, the CVE entry and BID are correct. Perhaps updating the
> link [1] to be http://www.kb.cert.org/vuls/id/673228 would be more
> useful?
> Link [2] could be updated to http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00742778&jumpid=reg_R1002_USEN
> , which is an URL from HP that does not require registration.

Thanks. I've replaced the old links with the ones you found.

George
--
theall [at] tenablesecurity



_______________________________________________
Nessus mailing list
Nessus [at] list
http://mail.nessus.org/mailman/listinfo/nessus
