HP-UX PHCO_40520 : HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege (HPSBUX02480 SSRT090253 rev.1)

critical Nessus Plugin ID 43131

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.31 VRTS 5.0.1 GARP1 VRTSweb Patch :

A potential security vulnerability has been identified with HP-UX running VRTSweb version 5.0. The vulnerability could be exploited remotely to execute arbitrary code or increase privilege.

Solution

Install patch PHCO_40520 or subsequent.

See Also

http://www.nessus.org/u?b8782b2e

Plugin Details

Severity: Critical

ID: 43131

File Name: hpux_PHCO_40520.nasl

Version: 1.13

Type: local

Published: 12/14/2009

Updated: 1/11/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/9/2009

Vulnerability Publication Date: 12/11/2009

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-3027

CWE: 287

HP: HPSBUX02480, SSRT090253, emr_na-c01943614