CVE-2007-3260

HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.

Published: Jun 19, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-3260
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
hp / system_management_homepage	-	2.1.8.x

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01072894
http://osvdb.org/37513
http://secunia.com/advisories/25689
http://www.securityfocus.com/bid/24486
http://www.securitytracker.com/id?1018256
http://www.vupen.com/english/advisories/2007/2232
https://exchange.xforce.ibmcloud.com/vulnerabilities/34900

Vulnerability Database

289,599

CVE-2007-3260