‘HP-UX Running OpenSSL Execution of Arbitrary Code and Denial of Service Vulnerabilities’

Summary

Potential security vulnerabilities have been identified with HP-UX OpenSSL.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02629503


Details

Vulnerable Systems:
 * HP-UX B.11.11 running OpenSSL before vA.00.09.08o.
 * HP-UX B.11.23 running OpenSSL before vA.00.09.08o.
 * HP-UX B.11.31 running OpenSSL before vA.00.09.08o.

Immune Systems:
 * HP-UX running OpenSSL vA.00.09.08o or subsequent.

This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS).

Patch Availability:
HP has provided upgrades to resolve this vulnerability. The upgrades are available from the following location:
http://software.hp.com

CVE Information:
CVE-2010-0742

Disclosure Timeline:
December 2010 – Initial release’

Categories: UNIX