This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote HP-UX host is missing a security-related patch.
s700_800 11.23 Bind 9.2.0 components :
1. Certain ASN.1 encodings that are rejected as invalid by the parser
can trigger a bug in the deallocation of the corresponding data
structure, corrupting the stack. This can be used as a denial of
service attack. It is currently unknown whether this can be exploited
to run malicious code. This issue does not affect OpenSSL 0.9.6. More
details are available at: CVE-2003-0545 2. Unusual ASN.1 tag values
can cause an out of bounds read under certain circumstances, resulting
in a denial of service vulnerability. More details are available at:
CVE-2003-0543 CVE-2003-0544 3. A malformed public key in a certificate
will crash the verify code if it is set to ignore public key decoding
errors. Exploitation of an affected application would result in a
denial of service vulnerability. 4. Due to an error in the SSL/TLS
protocol handling, a server will parse a client certificate when one
is not specifically requested.
See also :
Install patch PHNE_31726 or subsequent.
Risk factor :
Critical / CVSS Base Score : 10.0
Family: HP-UX Local Security Checks
Nessus Plugin ID: 16912 (hpux_PHNE_31726.nasl)
CVE ID: CVE-2003-0543CVE-2003-0544CVE-2003-0545
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.