HP-UX PHCO_36809 : HP-UX Running logins(1M), Remote Unauthorized Access (HPSBUX02259 SSRT071439 rev.1)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.11 logins(1M) cumulative patch :

A potential security vulnerability has been identified in HP-UX
running the logins(1M) command. This command incorrectly reports
password status. As a result password issues may not be detected,
allowing remote unauthorized access.

See also :

http://www.nessus.org/u?cc4123f0

Solution :

Install patch PHCO_36809 or subsequent.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)

Family: HP-UX Local Security Checks

Nessus Plugin ID: 26123 (hpux_PHCO_36809.nasl)

Bugtraq ID:

CVE ID: CVE-2007-5008