HP-UX PHSS_40368 : HP Network Node Manager (NNM), Remote Execution of Arbitrary Commands (HPSBMA02484 SSRT090076 rev.1)

critical Nessus Plugin ID 44603

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.X OV NNM8.10 NNM 8.1x Patch 6 :

A potential security vulnerability has been identified with HP Network Node Manager (NNM). The vulnerability could be exploited remotely to execute arbitrary commands.

Solution

Install patch PHSS_40368 or subsequent.

See Also

http://www.nessus.org/u?de4c4a7e

Plugin Details

Severity: Critical

ID: 44603

File Name: hpux_PHSS_40368.nasl

Version: 1.17

Type: local

Published: 2/15/2010

Updated: 1/11/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2010-0445

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Patch Publication Date: 2/9/2010

Reference Information

CVE: CVE-2010-0445

HP: SSRT090076, emr_na-c01954593

IAVB: 2010-B-0010-S