HP-UX PHSS_43890 : s700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch

Critical Nessus Plugin ID 73719


The remote HP-UX host is missing a security-related patch.


s700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch :

Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. References: CVE-2013-2344 (ZDI-CAN-1866, SSRT101217) CVE-2013-2345 (ZDI-CAN-1869, SSRT101218) CVE-2013-2346 (ZDI-CAN-1870, SSRT101219) CVE-2013-2347 (ZDI-CAN-1885, SSRT101220) CVE-2013-2348 (ZDI-CAN-1892, SSRT101221) CVE-2013-2349 (ZDI-CAN-1896, SSRT101222) CVE-2013-2350 (ZDI-CAN-1897, SSRT101223) CVE-2013-6194 (ZDI-CAN-1905, SSRT101233) CVE-2013-6195 (ZDI-CAN-2008, SSRT101348).


Install patch PHSS_43890 or subsequent.

See Also


Plugin Details

Severity: Critical

ID: 73719

File Name: hpux_PHSS_43890.nasl

Version: $Revision: 1.4 $

Type: local

Published: 2014/04/27

Modified: 2016/05/03

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/04/11

Exploitable With

Core Impact

Metasploit (HP Data Protector Backup Client Service Directory Traversal)

Reference Information

CVE: CVE-2013-2344, CVE-2013-2345, CVE-2013-2346, CVE-2013-2347, CVE-2013-2348, CVE-2013-2349, CVE-2013-2350, CVE-2013-6194, CVE-2013-6195

BID: 64647

OSVDB: 101625, 101626, 101627, 101628, 101629, 101630, 101631, 101634, 101635

HP: emr_na-c03822422