HP-UX PHSS_38488 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 20

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 20 :

The remote HP-UX host is affected by multiple vulnerabilities :

- Potential vulnerabilities have been identified with HP
OpenView Network Node Manager (OV NNM). The
vulnerabilities could be exploited remotely to execute
arbitrary code with administrator priviliges or to
create a Denial of Service (DoS). (HPSBMA02477
SSRT090177)

- A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM). The
vulnerability could be exploited remotely to execute
arbitrary code or to create a Denial of Service (DoS).
(HPSBMA02348 SSRT080033)

- A potential security vulnerability has been identified
with HP OpenView Network Node Manager (OV NNM). The
vulnerability could be exploited remotely to create a
Denial of Service (DoS). (HPSBMA02374 SSRT080046)

- Potential vulnerabilities have been identified with HP
OpenView Network Node Manager (OV NNM). The
vulnerabilities could be exploited remotely to create a
Denial of Service (DoS) or to execute arbitrary code.
References: CVE-2008-3536, CVE-2008-3537, CVE-2008-3544
(Bugtraq ID 28668). (HPSBMA02362 SSRT080044, SSRT080045,
SSRT080042)

- A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM). The
vulnerability could be exploited remotely execute
arbitrary code or to create a Denial of Service (DoS).
(HPSBMA02338 SSRT080024, SSRT080041)

See also :

http://www.nessus.org/u?202438e1
http://www.nessus.org/u?6c4897f2
http://www.nessus.org/u?cd8ebfb4
http://www.nessus.org/u?39f46ac2
http://www.nessus.org/u?499137a6

Solution :

Install patch PHSS_38488 or subsequent.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: HP-UX Local Security Checks

Nessus Plugin ID: 39379 (hpux_PHSS_38488.nasl)

Bugtraq ID:

CVE ID: CVE-2008-1697
CVE-2008-1842
CVE-2008-3536
CVE-2008-3537
CVE-2008-3544
CVE-2008-3545
CVE-2009-3840
CVE-2010-2710