Il server SSL HTTP in HP Web-enabled software di gestione 5.0 tramite 5.92, con l’accesso anonimo abilitato, consente agli aggressori remoti di compromettere i certificati attendibili caricando i propri certificati. |
http://www.securityfocus.com/bid/9859 http://marc.info/?l=bugtraq&m=107936784030214&w=2 http://www.ciac.org/ciac/bulletins/o-100.shtml http://www.securityfocus.com/advisories/6448 http://www.tru64.org/stories.php?story=04/03/12/0204078 http://www.immunitysec.com/downloads/hp_http.sxw.pdf http://secunia.com/advisories/11126 http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0057.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15466 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1811 |
Vulnerabilità: CVE-2004-1811
