HP-UX PHSS_40374 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 25

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 25 :

The remote HP-UX host is affected by multiple vulnerabilities :

- Potential security vulnerabilities have been identified
with HP OpenView Network Node Manager (OV NNM). These
vulnerabilities could be exploited remotely to execute
arbitrary code. References: CVE-2009-0898 (SSRT090101)
CVE-2009-3845 (SSRT090037, ZDI-CAN-453) CVE-2009-3846
(SSRT090122, ZDI-CAN-526) CVE-2009-3847 (SSRT090128,
ZDI-CAN-532) CVE-2009-3848 (SSRT090129, ZDI-CAN-522)
CVE-2009-3849 (SSRT090130, ZDI-CAN-523) CVE-2009-4176
(SSRT090131, ZDI-CAN-532) CVE-2009-4177 (SSRT090132,
ZDI-CAN-538) CVE-2009-4178 (SSRT090133, ZDI-CAN-539)
CVE-2009-4179 (SSRT090134, ZDI-CAN-540) CVE-2009-4180
(SSRT090135, ZDI-CAN-542) CVE-2009-4181 (SSRT090164,
ZDI-CAN-549). (HPSBMA02483 SSRT090257)

- Potential security vulnerabilities have been identified
with the Java Runtime Environment (JRE) and Java
Developer Kit (JDK) delivered with HP OpenView Network
Node Manager (OV NNM). These vulnerabilities may allow
remote unauthorized access, privilege escalation,
execution of arbitrary code, and creation of a Denial of
Service (DoS) . (HPSBMA02486 SSRT090049)

See also :

http://www.nessus.org/u?422f4693
http://www.nessus.org/u?72ecd727

Solution :

Install patch PHSS_40374 or subsequent.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true