HP-UX PHSS_38147 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 19

high Nessus Plugin ID 39377

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 19 :

The remote HP-UX host is affected by multiple vulnerabilities :

- Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: CVE-2007-3698, CVE-2007-3922, SUN Alert 102995, 102997. (HPSBMA02384 SSRT071465)

- A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02392 SSRT071481)

- Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). (HPSBMA02388 SSRT080059)

Solution

Install patch PHSS_38147 or subsequent.

See Also

http://www.nessus.org/u?4abf7ab6

http://www.nessus.org/u?04c58123

http://www.nessus.org/u?fb0e7f7d

Plugin Details

Severity: High

ID: 39377

File Name: hpux_PHSS_38147.nasl

Version: 1.27

Type: local

Published: 6/15/2009

Updated: 1/11/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Ease: No known exploits are available

Patch Publication Date: 11/19/2008

Vulnerability Publication Date: 7/11/2007

Reference Information

CVE: CVE-2007-3698, CVE-2007-3922, CVE-2007-4349, CVE-2007-5000, CVE-2007-6388

BID: 26838, 27237

CWE: 79

HP: SSRT071465, SSRT071481, SSRT080059, emr_na-c01601492, emr_na-c01607558, emr_na-c01607570