HP-UX PHNE_28102 : s700_800 11.00 ONC/NFS General Release/Performance Patch

high Nessus Plugin ID 16675

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.00 ONC/NFS General Release/Performance Patch :

The remote HP-UX host is affected by multiple vulnerabilities :

- Potential security vulnerability in rpc.yppasswdd.
(HPSBUX00242 SSRT2330)

- A potential vulnerability in ypxfrd may allow a local user to read files without permission.

- Potential buffer overflow in XDR library. (HPSBUX00215 SSRT2336)

Solution

Install patch PHNE_28102 or subsequent.

See Also

http://www.nessus.org/u?69026abe

http://www.nessus.org/u?a018042e

Plugin Details

Severity: High

ID: 16675

File Name: hpux_PHNE_28102.nasl

Version: 1.12

Type: local

Published: 2/16/2005

Updated: 1/11/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Ease: No known exploits are available

Patch Publication Date: 2/5/2003

Reference Information

BID: 8911

HP: HPSBUX00215, HPSBUX00242, HPSBUX0401, SSRT2330, SSRT2336, SSRT2339, emr_na-c00958066, emr_na-c00958271