Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

HP Systems Insight Manager Namazu lang Directory Traversal Vulnerability Vulnerability Scan

Vulnerability Scan Summary
Checks for Namazu lang parameter directory traversal vulnerability in HP Systems Insight Manager

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a CGI script that is affected by an
directory traversal flaw.

Description :

The remote host appears to be running HP Systems Insight Manager
(SIM), a unified infrastructure management tool.

The version of HP SIM on the remote host includes a version of the
search engine Namazu that reportedly fails to validate user input to
the 'lang' parameter of the 'namazucgi' script. An unauthenticated
attacker may be able to exploit this issue to access files on the
remote host via directory traversal.

See also :

Solution :

Update HP SIM's .namazurc configuration file according to the vendor

Threat Level:

Low / CVSS Base Score : 2.3

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.