‘HP-UX CIFS Server execution of Arbitrary Code and Denial of Service Vulnerabilities’

Summary

Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba).’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02627925


Details

Vulnerable Systems:
 * HP-UX B.11.11 running HP-UX CIFS-Server (Samba) A.02.04.01 or earlier
 * HP-UX B.11.23 running HP-UX CIFS-Server (Samba) A.02.04.01 or earlier
 * HP-UX B.11.31 running HP-UX CIFS-Server (Samba) A.02.04.01 or earlier
 * HP-UX B.11.11 running HP-UX CIFS-Server (Samba) A.02.03.05 or earlier
 * HP-UX B.11.23 running HP-UX CIFS-Server (Samba) A.02.03.05 or earlier
 * HP-UX B.11.31 running HP-UX CIFS-Server (Samba) A.02.03.05 or earlier

Immune Systems:
 * HP-UX CIFS-Server (Samba) A.02.04.02 (3.0m) or subsequent.
 * HP-UX CIFS-Server (Samba) A.02.03.06 (3.0n) or subsequent.

The vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS).

CVE Information:
CVE-2010-2063

Disclosure Timeline:
Release Date: 2010-11-24
Last Updated: 2010-11-24′

Categories: UNIX