First published: Tue Jun 19 2007(Updated: )
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
HP System Management Homepage | <=2.1.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2007-3260 is classified as a high severity vulnerability due to the potential for privilege escalation.
To fix CVE-2007-3260, upgrade HP System Management Homepage to version 2.1.9 or later.
CVE-2007-3260 affects versions of HP System Management Homepage prior to 2.1.9 when used with Novell eDirectory.
CVE-2007-3260 is a privilege escalation vulnerability.
Yes, remote authenticated eDirectory users can exploit CVE-2007-3260 to gain unauthorized privileges.