HP-UX PHSS_38783 : HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Unauthorized Access to Data (HPSBMA02406 SSRT080100 rev.2)

critical Nessus Plugin ID 39382

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 21 :

Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow execution of arbitrary code or unauthorized access to data.

Solution

Install patch PHSS_38783 or subsequent.

See Also

http://www.nessus.org/u?90fb6f0b

Plugin Details

Severity: Critical

ID: 39382

File Name: hpux_PHSS_38783.nasl

Version: 1.23

Type: local

Published: 6/15/2009

Updated: 1/11/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/18/2008

Exploitable With

CANVAS (D2ExploitPack)

Reference Information

CVE: CVE-2008-4559, CVE-2008-4560, CVE-2008-4561, CVE-2008-4562, CVE-2009-0205

CWE: 119, 20, 200

HP: SSRT080100, emr_na-c01661610