‘HP-UX Running OpenSSL Execution of Arbitrary Code and Denial of Service Vulnerabilities’
Summary
‘
Credit:
‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02629503‘
Details
‘Vulnerable Systems:
* HP-UX B.11.11 running OpenSSL before vA.00.09.08o.
* HP-UX B.11.23 running OpenSSL before vA.00.09.08o.
* HP-UX B.11.31 running OpenSSL before vA.00.09.08o.
Immune Systems:
* HP-UX running OpenSSL vA.00.09.08o or subsequent.
This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS).
Patch Availability:
HP has provided upgrades to resolve this vulnerability. The upgrades are available from the following location:
http://software.hp.com
CVE Information:
CVE-2010-0742
Disclosure Timeline:
December 2010 – Initial release’