HP-UX PHCO_39124 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)

medium Nessus Plugin ID 36060

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.11 VxFS 3.5-ga15 Command Cumulative Patch 10 :

A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).

Solution

Install patch PHCO_39124 or subsequent.

See Also

http://www.nessus.org/u?6f594e69

Plugin Details

Severity: Medium

ID: 36060

File Name: hpux_PHCO_39124.nasl

Version: 1.12

Type: local

Published: 3/31/2009

Updated: 1/11/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Patch Publication Date: 12/19/2008

Vulnerability Publication Date: 3/24/2009

Reference Information

CVE: CVE-2009-0207

HP: HPSBUX02409, SSRT080171, emr_na-c01674733