Computer Security
[EN] securityvulns.ru no-pyccku


HP XP P9000 information leakage
Published:01.04.2013
Source:
SecurityVulns ID:12977
Type:remote
Threat Level:
5/10
Affected:HP : HP P9000
CVE:CVE-2012-0053 (protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.)
Original documentdocumentHP, [security bulletin] HPSBST02848 SSRT101112 rev.1 - HP XP P9000 Command View Advanced Edition Suite Products, Remote Disclosure of Information (01.04.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod