CVE-2002-0250 Information

Description

Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file which allows the user to change the switch’s configuration and modify the administrator password.

Reference

http://marc.info/?l=bugtraq&m=101318469216213&w=2 http://online.securityfocus.com/advisories/3870 http://www.iss.net/security_center/static/8124.php http://www.securityfocus.com/bid/4062