HP-UX PHNE_25644 : s700_800 11.11 cumulative ARPA Transport patch

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.11 cumulative ARPA Transport patch :

The remote HP-UX host is affected by multiple vulnerabilities :

- A potential security vulnerability has been identified
with HP-UX running TCP/IP. This vulnerability could be
remotely exploited by an unauthorized user to cause a
Denial of Service(DoS). References: NISCC VU#532967,
CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
(HPSBUX01164 SSRT4884)

- An HP-UX 11.11 machine with TRANSPORT patches
PHNE_24211, PHNE_24506, PHNE_25134, or PHNE_25642 may be
exposed to a denial of service through the malicious use
of the 'ndd' command. (HPSBUX00192 SSRT071390)

- TCP Initial Sequence Number (ISN) randomization
specified in RFC 1948 is available for HP-UX.
References: CVE-2001-0328, CERT CA-2001-09. (HPSBUX00205
SSRT080009)

See also :

http://www.nessus.org/u?b75e5227
http://www.nessus.org/u?47614ae6
http://www.nessus.org/u?3a3e8ad7

Solution :

Install patch PHNE_25644 or subsequent.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: HP-UX Local Security Checks

Nessus Plugin ID: 16508 (hpux_PHNE_25644.nasl)

Bugtraq ID:

CVE ID: CVE-2001-0328
CVE-2004-0790
CVE-2004-0791
CVE-2004-1060