HP-UX PHSS_40708 : s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 26

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 26 :

The remote HP-UX host is affected by multiple vulnerabilities :

- Potential security vulnerabilities have been identified
with HP OpenView Network Node Manager (OV NNM). These
vulnerabilities could be exploited remotely to execute
arbitrary code. References: CVE-2010-1550 (SSRT090225,
ZDI-CAN-563) CVE-2010-1551 (SSRT090226, ZDI-CAN-564)
CVE-2010-1552 (SSRT090227, ZDI-CAN-566) CVE-2010-1553
(SSRT090228, ZDI-CAN-573) CVE-2010-1554 (SSRT090229,
ZDI-CAN-574) CVE-2010-1555 (SSRT090230, ZDI-CAN-575).
(HPSBMA02527 SSRT010098)

- Potential security vulnerabilities have been identified
with HP OpenView Network Node Manager (OV NNM). These
vulnerabilities could be exploited remotely to execute
arbitrary code under the context of the user running the
web server. References: CVE-2010-1964 (SSRT100026,
ZDI-CAN-683) CVE-2010-1960 (SSRT100027, ZDI-CAN-684)
CVE-2010-1961 (SSRT100028, ZDI-CAN-685).

- A potential security vulnerability has been identified
with HP OpenView Network Node Manager (OV NNM). The
vulnerability could be exploited remotely to execute
arbitrary code under the context of the user running the
web server.

See also :

http://www.nessus.org/u?d5f413ca
http://www.nessus.org/u?f9c68a79
http://www.nessus.org/u?094465cf

Solution :

Install patch PHSS_40708 or subsequent.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: HP-UX Local Security Checks

Nessus Plugin ID: 46348 (hpux_PHSS_40708.nasl)

Bugtraq ID:

CVE ID: CVE-2010-1550
CVE-2010-1551
CVE-2010-1552
CVE-2010-1553
CVE-2010-1554
CVE-2010-1555
CVE-2010-1960
CVE-2010-1961
CVE-2010-1964
CVE-2010-2709