HP多个产品信息泄露和代码执行漏洞

HP多个产品信息泄露和代码执行漏洞

发布日期：2013-07-02
更新日期：2013-07-04

受影响系统：
3Com Switch 3COM Switch 4800G Family
3Com Switch 3Com Switch 4200 Family
3Com Switch 3Com H3C S5100 Series Switches
3Com Switch 3Com H3C S3600 Series Switches
3Com Switch 3Com H3C S3100 Series Switches
H3C Switches H3C S9500E Core Routing Switch
H3C Switches H3C S7500E Series Switches
H3C Switches H3C S5800 Series Switches
H3C Switches H3C S5600 Series Switches
H3C Switches H3C S5500-SI Series Switches
H3C Switches H3C S5500-EI Series Switches
H3C Switches H3C S5120-SI Series Switches
H3C Switches H3C S5120-EI Series Switches
H3C Switches H3C S12500 Series Switches
H3C Routers SR8800 Series Routers
H3C Routers H3C MSR 900 Series Routers
H3C Routers H3C MSR 50 Series Routers
H3C Routers H3C MSR 30 Series Routers
H3C Routers H3C MSR 20 Series Routers
HP Switch HP MSR900 Series
HP Switch HP MSR50 Series
HP Switch HP MSR30 Series
HP Switch HP MSR20 Series
HP Switch HP Firewall Series
HP Switch HP 9500 Switch Series
HP Switch HP 8800 Switch Series
HP Switch HP 7500 Switch Series
HP Switch HP 6125G/XG Ethernet Blade Swi
HP Switch HP 5800 Switch Series
HP Switch HP 5500 SI Switch Series
HP Switch HP 5500 HI Switch Series
HP Switch HP 5500 EI Switch Series
HP Switch HP 5120 SI Switch Series
HP Switch HP 5120 EI Switch Series
HP Switch HP 4800G Switch Series
HP Switch HP 4500G Switch Series
HP Switch HP 4210G Switch Series
HP Switch HP 4210 Switch Series
HP Switch HP 4200G Switch Series
HP Switch HP 3610 Switch Series
HP Switch HP 3600 SI Switch Series
HP Switch HP 3600 EI Switch Series
HP Switch HP 3100 SI Switch Series
HP Switch HP 3100 EI Switch Series
HP Switch HP 1910 Switch Series
HP Switch HP 12500 Switch Series
HP Switch HP 10500 Switch Series
HP Switch
3Com 5000 Router Series
描述：
--------------------------------------------------------------------------------
BUGTRAQ  ID: 60882
CVE(CAN) ID: CVE-2013-2341， CVE-2013-2340

惠普（HP）是面向个人用户、大中小型企业和研究机构的全球技术解决方案提供商。惠普（HP）提供的产品涵盖了IT基础设施，个人计算及接入设备，全球服务，面向个人消费者、大中小型企业的打印和成像等领域。

多个HP产品存在安全漏洞，可导致泄露敏感信息以及控制受影响设备。

<*来源：vendor
 
  链接：http://secunia.com/advisories/54010/
        https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03808969
*>

建议：
--------------------------------------------------------------------------------
厂商补丁：

HP
--
HP已经为此发布了一个安全公告（HPSBHF02888）以及相应补丁:
HPSBHF02888：HP ProCurve, H3C, 3COM Routers and Switches, Remote Information Disclosure and Code Execution
链接：https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03808969