HP-UX PHSS_38761 : s700_800 11.X OV NNM7.01 Intermediate Patch 12

Critical Nessus Plugin ID 34952

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.X OV NNM7.01 Intermediate Patch 12 :

The remote HP-UX host is affected by multiple vulnerabilities :

- A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02374 SSRT080046)

- Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow execution of arbitrary code or unauthorized access to data. (HPSBMA02406 SSRT080100)

- A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02392 SSRT071481)

- A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely execute arbitrary code or to create a Denial of Service (DoS).
(HPSBMA02338 SSRT080024, SSRT080041)

- Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). (HPSBMA02388 SSRT080059)

- Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: CVE-2007-3698, CVE-2007-3922, SUN Alert 102995, 102997. (HPSBMA02384 SSRT071465)

Solution

Install patch PHSS_38761 or subsequent.

See Also

http://www.nessus.org/u?202438e1

http://www.nessus.org/u?39f46ac2

http://www.nessus.org/u?4abf7ab6

http://www.nessus.org/u?04c58123

http://www.nessus.org/u?fb0e7f7d

http://www.nessus.org/u?90fb6f0b

Plugin Details

Severity: Critical

ID: 34952

File Name: hpux_PHSS_38761.nasl

Version: 1.16

Type: local

Published: 2008/11/25

Updated: 2018/07/12

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2008/10/24

Vulnerability Publication Date: 2007/07/11

Exploitable With

CANVAS (D2ExploitPack)

Reference Information

CVE: CVE-2007-3698, CVE-2007-3922, CVE-2007-4349, CVE-2007-5000, CVE-2007-6388, CVE-2008-1842, CVE-2008-3545, CVE-2008-4559, CVE-2008-4560, CVE-2008-4561, CVE-2008-4562, CVE-2009-0205

BID: 26838, 27237

HP: emr_na-c01466051, emr_na-c01567813, emr_na-c01601492, emr_na-c01607558, emr_na-c01607570, emr_na-c01661610, SSRT071465, SSRT071481, SSRT080024, SSRT080041, SSRT080046, SSRT080059, SSRT080100

CWE: 20, 79, 119, 189, 200