NASLDB: HP-UX PHSS_37141 : s700_800 11.X OV NNM6.4x/ET2.0x Intermediate Patch 17
General
ID: 29200
Name: HP-UX PHSS_37141 : s700_800 11.X OV NNM6.4x/ET2.0x Intermediate Patch 17
Summary: Checks for the patch in the swlist output
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –
Port: 0
Family: HP-UX Local Security Checks
Type: Local
Description
s700_800 11.X OV NNM6.4x/ET2.0x Intermediate Patch 17 :
The remote HP-UX host is affected by multiple vulnerabilities :
– Potential vulnerabilities have been identified with HP
OpenView Network Node Manager (OV NNM) running Apache.
These vulnerabilities could be exploited remotely
resulting in cross site scripting (XSS), Denial of
Service (DoS), or execution of arbitrary code.
(HPSBMA02328 SSRT071293)
– A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM). This
vulnerability could be exploited remotely by an
unauthorized user to execute arbitrary code with the
permissions of the NNM server. (HPSBMA02281 SSRT061261)
– A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM) running Shared
Trace Service. The vulnerability could be remotely
exploited to execute arbitrary code. (HPSBMA02242
SSRT061260)
– A potential security vulnerability has been identified
with HP OpenView Network Node Manager (OV NNM). The
vulnerability could be exploited remotely to create a
Denial of Service (DoS). (HPSBMA02307 SSRT071420)
– A potential vulnerability has been identified with HP
OpenView Network Node Manager (OV NNM). This
vulnerability could by exploited remotely to allow cross
site scripting (XSS). (HPSBMA02283 SSRT071319)
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2005-3352
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: 2007/11/07
Plugin Release: 2007/12/04
Plugin
Version: 1.9
Filename: hpux_PHSS_37141.nasl
Filesize: 8543 bytes
MD5 Hash: 30a638a8b2fe3b33e0e1faa0397d8ea1
Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist
Dependencies: "ssh_get_info.nasl"
Copyright: This script is© 2007-2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack