HP-UX PHNE_38680 : HP-UX Running IPv6, Remote Denial of Service (DoS) and Unauthorized Access (HPSBUX02407 SSRT080107 rev.1)

critical Nessus Plugin ID 39001

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.31 cumulative ARPA Transport patch :

A potential security vulnerability has been identified with HP-UX running IPv6. This vulnerability could be exploited remotely resulting in a Denial of Service (DoS) and unauthorized access.

Solution

Install patch PHNE_38680 or subsequent.

See Also

http://www.nessus.org/u?2e35c679

Plugin Details

Severity: Critical

ID: 39001

File Name: hpux_PHNE_38680.nasl

Version: 1.39

Type: local

Published: 2/12/2009

Updated: 7/31/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2008-2476

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Ease: No known exploits are available

Patch Publication Date: 2/2/2009

Vulnerability Publication Date: 10/3/2008

Reference Information

CVE: CVE-2008-2476, CVE-2008-4404, CVE-2009-0418

BID: 31529

CWE: 20

HP: HPSBUX02407, SSRT080107, emr_na-c01662367

IAVB: 2008-B-0070