HP-UX PHCO_39124 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.11 VxFS 3.5-ga15 Command Cumulative Patch 10 :

A potential security vulnerability has been identified with HP-UX
running VRTSvxfs and VRTSodm. The vulnerability could be exploited
locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are
bundled with Storage Management Suite (SMS) and Storage Management for
Oracle (SMO).

See also :

http://www.nessus.org/u?6f594e69

Solution :

Install patch PHCO_39124 or subsequent.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C)

Family: HP-UX Local Security Checks

Nessus Plugin ID: 36060 (hpux_PHCO_39124.nasl)

Bugtraq ID:

CVE ID: CVE-2009-0207