HP-UX PHSS_40375 : s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 25

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 25 :

The remote HP-UX host is affected by multiple vulnerabilities :

- Potential security vulnerabilities have been identified
with the Java Runtime Environment (JRE) and Java
Developer Kit (JDK) delivered with HP OpenView Network
Node Manager (OV NNM). These vulnerabilities may allow
remote unauthorized access, privilege escalation,
execution of arbitrary code, and creation of a Denial of
Service (DoS) . (HPSBMA02486 SSRT090049)

- Potential security vulnerabilities have been identified
with HP OpenView Network Node Manager (OV NNM). These
vulnerabilities could be exploited remotely to execute
arbitrary code. References: CVE-2009-0898 (SSRT090101)
CVE-2009-3845 (SSRT090037, ZDI-CAN-453) CVE-2009-3846
(SSRT090122, ZDI-CAN-526) CVE-2009-3847 (SSRT090128,
ZDI-CAN-532) CVE-2009-3848 (SSRT090129, ZDI-CAN-522)
CVE-2009-3849 (SSRT090130, ZDI-CAN-523) CVE-2009-4176
(SSRT090131, ZDI-CAN-532) CVE-2009-4177 (SSRT090132,
ZDI-CAN-538) CVE-2009-4178 (SSRT090133, ZDI-CAN-539)
CVE-2009-4179 (SSRT090134, ZDI-CAN-540) CVE-2009-4180
(SSRT090135, ZDI-CAN-542) CVE-2009-4181 (SSRT090164,
ZDI-CAN-549). (HPSBMA02483 SSRT090257)

See also :

http://www.nessus.org/u?422f4693
http://www.nessus.org/u?72ecd727

Solution :

Install patch PHSS_40375 or subsequent.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true