HP-UX PHSS_38840 : HP-UX Running Xserver, Remote Execution of Arbitrary Code (HPSBUX02381 SSRT080083 rev.2)

high Nessus Plugin ID 34738

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.31 Xserver cumulative patch :

Potential security vulnerabilities have been identified with HP-UX running Xserver. The vulnerabilities could be exploited remotely to execute arbitrary code.

Solution

Install patch PHSS_38840 or subsequent.

See Also

http://www.nessus.org/u?a1fab10d

Plugin Details

Severity: High

ID: 34738

File Name: hpux_PHSS_38840.nasl

Version: 1.24

Type: local

Published: 11/11/2008

Updated: 1/11/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/31/2011

Vulnerability Publication Date: 1/18/2008

Exploitable With

Core Impact

Reference Information

CVE: CVE-2007-5958, CVE-2007-6427, CVE-2007-6429, CVE-2008-0006, CVE-2008-1377, CVE-2008-1379

BID: 27350, 27351, 27352, 27353, 27356, 29666, 29669

CWE: 119, 189, 200, 362, 399

HP: HPSBUX02381, SSRT080083, emr_na-c01543321