HP-UX PHSS_34392 : HP-UX Running Xserver, Remote Execution of Arbitrary Code (HPSBUX02381 SSRT080083 rev.2)

High Nessus Plugin ID 34736

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.11 Xserver cumulative patch :

Potential security vulnerabilities have been identified with HP-UX running Xserver. The vulnerabilities could be exploited remotely to execute arbitrary code.

Solution

Install patch PHSS_34392 or subsequent.

See Also

http://www.nessus.org/u?a1fab10d

Plugin Details

Severity: High

ID: 34736

File Name: hpux_PHSS_34392.nasl

Version: 1.13

Type: local

Published: 2008/11/11

Updated: 2019/07/10

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/05/31

Vulnerability Publication Date: 2008/01/18

Exploitable With

Core Impact

Reference Information

CVE: CVE-2007-5958, CVE-2007-6427, CVE-2007-6429, CVE-2008-0006, CVE-2008-1377, CVE-2008-1379

BID: 27350, 27351, 27352, 27353, 27356, 29666, 29669

HP: emr_na-c01543321, HPSBUX02381, SSRT080083

CWE: 119, 189, 200, 362, 399