‘HP-UX Apache-based Web Server Multiple Vulnerabilities’

Published on December 28th, 2010
Summary

Potential security vulnerabilities have been identified with HP-UX Apache-based Web Server: Information Disclosure, Increase of Privilege and Denial of Service.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02579879


Details

Vulnerable Systems:
 * HP-UX B.11.11 running Apache-based Web Server prior to v2.0.63.01
 * HP-UX B.11.23 running Apache-based Web Server prior to v2.0.63.01
 * HP-UX B.11.31 running Apache-based Web Server prior to v2.0.63.01

Immune Systems:
 * HP-UX running Apache-based Web Server v2.0.63.01

These vulnerabilities could be exploited locally to disclose information, increase privilege or remotely create a Denial of Service (DoS).

CVE Information:
CVE-2010-1452
CVE-2009-1956
CVE-2009-1955
CVE-2009-1891
CVE-2009-1890
CVE-2009-1195
CVE-2009-0023
CVE-2007-6203
CVE-2006-3918

Disclosure Timeline:
2010-12-06 – Last Updated
2010-12-07 – Release Date’

Categories: UNIX
Tags:

Related Posts

UNIX

‘ProFTPD Response Pool Use-After-Free Code Execution Vulnerability’

'This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server.'

UNIX

‘Insight Control for Linux Multiple Vulnerabilities’

'Remote unauthorized elevation of privilege, execution of arbitrary code, encryption downgrade, information disclosure and Denial of Service (DoS) vulnerabilities were identified in Insight Control for Linux.'

UNIX

‘HP-UX Running NFS/ONCplus Denial of Service Vulnerability’

'A potential security vulnerability has been identified with NFS/ONCplus running on HP-UX.'