Vulnerability Description
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | System Management Homepage | <= 2.1.8 |
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&obje
- http://osvdb.org/37513
- http://secunia.com/advisories/25689Vendor Advisory
- http://www.securityfocus.com/bid/24486Patch
- http://www.securitytracker.com/id?1018256
- http://www.vupen.com/english/advisories/2007/2232
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34900
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&obje
- http://osvdb.org/37513
- http://secunia.com/advisories/25689Vendor Advisory
- http://www.securityfocus.com/bid/24486Patch
- http://www.securitytracker.com/id?1018256
- http://www.vupen.com/english/advisories/2007/2232
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34900
FAQ
What is CVE-2007-3260?
CVE-2007-3260 is a vulnerability with a CVSS score of 9.0 (HIGH). HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to ga...
How severe is CVE-2007-3260?
CVE-2007-3260 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3260?
Check the references section above for vendor advisories and patch information. Affected products include: Hp System Management Homepage.