‘HP-UX Running OpenSSL Execution of Arbitrary Code and Denial of Service Vulnerabilities’

Published on December 31st, 2010
Summary

Potential security vulnerabilities have been identified with HP-UX OpenSSL.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02629503


Details

Vulnerable Systems:
 * HP-UX B.11.11 running OpenSSL before vA.00.09.08o.
 * HP-UX B.11.23 running OpenSSL before vA.00.09.08o.
 * HP-UX B.11.31 running OpenSSL before vA.00.09.08o.

Immune Systems:
 * HP-UX running OpenSSL vA.00.09.08o or subsequent.

This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS).

Patch Availability:
HP has provided upgrades to resolve this vulnerability. The upgrades are available from the following location:
http://software.hp.com

CVE Information:
CVE-2010-0742

Disclosure Timeline:
December 2010 – Initial release’

Categories: UNIX
Tags:

Related Posts

UNIX

‘ProFTPD Response Pool Use-After-Free Code Execution Vulnerability’

'This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server.'

UNIX

‘Insight Control for Linux Multiple Vulnerabilities’

'Remote unauthorized elevation of privilege, execution of arbitrary code, encryption downgrade, information disclosure and Denial of Service (DoS) vulnerabilities were identified in Insight Control for Linux.'

UNIX

‘HP-UX Running NFS/ONCplus Denial of Service Vulnerability’

'A potential security vulnerability has been identified with NFS/ONCplus running on HP-UX.'