Detections
Analytics

HP-UX PHSS_39245 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 22

critical Nessus Plugin ID 39383

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 22 :

The remote HP-UX host is affected by multiple vulnerabilities :

 - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code. (HPSBMA02424 SSRT080125)

 - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code. (HPSBMA02425 SSRT080091)

 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). These vulnerabilities could be exploited remotely to allow execution of arbitrary code. (HPSBMA02400 SSRT080144)

Solution

Install patch PHSS_39245 or subsequent.

See Also

http://www.nessus.org/u?cdefacfb

http://www.nessus.org/u?45827469

http://www.nessus.org/u?0bbcab1d

Plugin Details

Severity: Critical

ID: 39383

File Name: hpux_PHSS_39245.nasl

Version: 1.37

Type: local

Published: 6/15/2009

Updated: 1/11/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/18/2009

Exploitable With

Core Impact

Metasploit (HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow)

Reference Information

CVE: CVE-2008-0067, CVE-2008-2438, CVE-2009-0720

BID: 34738, 34812

CWE: 119, 189, 94

HP: SSRT080091, SSRT080125, SSRT080144, emr_na-c01646081, emr_na-c01723303, emr_na-c01728300