HP-UX PHSS_40705 : s700_800 11.11 OV NNM7.01 Intermediate Patch 13

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.11 OV NNM7.01 Intermediate Patch 13 :

The remote HP-UX host is affected by multiple vulnerabilities :

- A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM). The
vulnerability could be exploited remotely to execute
arbitrary code. (HPSBMA02424 SSRT080125)

- Potential security vulnerabilities have been identified
with HP OpenView Network Node Manager (OV NNM). These
vulnerabilities could be exploited remotely to execute
arbitrary code. References: CVE-2009-0898 (SSRT090101)
CVE-2009-3845 (SSRT090037, ZDI-CAN-453) CVE-2009-3846
(SSRT090122, ZDI-CAN-526) CVE-2009-3847 (SSRT090128,
ZDI-CAN-532) CVE-2009-3848 (SSRT090129, ZDI-CAN-522)
CVE-2009-3849 (SSRT090130, ZDI-CAN-523) CVE-2009-4176
(SSRT090131, ZDI-CAN-532) CVE-2009-4177 (SSRT090132,
ZDI-CAN-538) CVE-2009-4178 (SSRT090133, ZDI-CAN-539)
CVE-2009-4179 (SSRT090134, ZDI-CAN-540) CVE-2009-4180
(SSRT090135, ZDI-CAN-542) CVE-2009-4181 (SSRT090164,
ZDI-CAN-549). (HPSBMA02483 SSRT090257)

- Potential security vulnerabilities have been identified
with HP OpenView Network Node Manager (OV NNM). These
vulnerabilities could be exploited remotely to allow
execution of arbitrary code. (HPSBMA02400 SSRT080144)

- Potential vulnerabilities have been identified with HP
OpenView Network Node Manager (OV NNM). The
vulnerabilities could be exploited remotely to execute
arbitrary code. (HPSBMA02416 SSRT090008)

- Potential security vulnerabilities have been identified
with HP OpenView Network Node Manager (OV NNM). These
vulnerabilities could be exploited remotely to execute
arbitrary code. References: CVE-2010-1550 (SSRT090225,
ZDI-CAN-563) CVE-2010-1551 (SSRT090226, ZDI-CAN-564)
CVE-2010-1552 (SSRT090227, ZDI-CAN-566) CVE-2010-1553
(SSRT090228, ZDI-CAN-573) CVE-2010-1554 (SSRT090229,
ZDI-CAN-574) CVE-2010-1555 (SSRT090230, ZDI-CAN-575).
(HPSBMA02527 SSRT010098)

- A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM). The
vulnerability could be exploited remotely to execute
arbitrary code. (HPSBMA02425 SSRT080091)

See also :

http://www.nessus.org/u?cdefacfb
http://www.nessus.org/u?ed695dee
http://www.nessus.org/u?45827469
http://www.nessus.org/u?0bbcab1d
http://www.nessus.org/u?422f4693
http://www.nessus.org/u?d5f413ca

Solution :

Install patch PHSS_40705 or subsequent.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true