HP-UX PHSS_36902 : s700_800 11.X OV NNM7.51 IA-64 Intermediate Patch 17

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.X OV NNM7.51 IA-64 Intermediate Patch 17 :

The remote HP-UX host is affected by multiple vulnerabilities :

- A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM). This
vulnerability could be exploited remotely by an
unauthorized user to execute arbitrary code with the
permissions of the NNM server. (HPSBMA02281 SSRT061261)

- A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM). This
vulnerability could by exploited remotely to allow cross
site scripting (XSS). (HPSBMA02283 SSRT071319)

- A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM) running Shared
Trace Service. The vulnerability could be remotely
exploited to execute arbitrary code. (HPSBMA02242
SSRT061260)

See also :

http://www.nessus.org/u?149b8149
http://www.nessus.org/u?3312cdf1
http://www.nessus.org/u?d908af80

Solution :

Install patch PHSS_36902 or subsequent.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: HP-UX Local Security Checks

Nessus Plugin ID: 26898 (hpux_PHSS_36902.nasl)

Bugtraq ID:

CVE ID: CVE-2007-3872
CVE-2007-6204
CVE-2007-6343