HP-UX PHNE_25644 : s700_800 11.11 cumulative ARPA Transport patch

This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.

Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.11 cumulative ARPA Transport patch :

The remote HP-UX host is affected by multiple vulnerabilities :

- A potential security vulnerability has been identified
with HP-UX running TCP/IP. This vulnerability could be
remotely exploited by an unauthorized user to cause a
Denial of Service(DoS). References: NISCC VU#532967,
CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
(HPSBUX01164 SSRT4884)

- An HP-UX 11.11 machine with TRANSPORT patches
PHNE_24211, PHNE_24506, PHNE_25134, or PHNE_25642 may be
exposed to a denial of service through the malicious use
of the 'ndd' command. (HPSBUX00192 SSRT071390)

- TCP Initial Sequence Number (ISN) randomization
specified in RFC 1948 is available for HP-UX.
References: CVE-2001-0328, CERT CA-2001-09. (HPSBUX00205

See also :


Solution :

Install patch PHNE_25644 or subsequent.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: HP-UX Local Security Checks

Nessus Plugin ID: 16508 (hpux_PHNE_25644.nasl)

Bugtraq ID: 13124

CVE ID: CVE-2001-0328