HP-UX PHCO_42176 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)

Critical Nessus Plugin ID 56827


The remote HP-UX host is missing a security-related patch.


s700_800 11.31 VRTS 5.0 VRTSob Command Patch :

Potential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.
References: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.


Install patch PHCO_42176 or subsequent.

See Also


Plugin Details

Severity: Critical

ID: 56827

File Name: hpux_PHCO_42176.nasl

Version: $Revision: 1.12 $

Type: local

Published: 2012/03/06

Modified: 2016/08/24

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2011/08/09

Reference Information

CVE: CVE-2011-0546, CVE-2011-0547

BID: 47824, 49014

OSVDB: 74919, 74920, 97853

HP: emr_na-c02962262, HPSBUX02700, SSRT100506

IAVB: 2011-B-0108