Vulnerabilities > CVE-2005-3295 - Unspecified vulnerability in HP Hp-Ux 11.23
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN hp
nessus
Summary
Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size."
Nessus
NASL family HP-UX Local Security Checks NASL id HPUX_PHKL_33714.NASL description s700_800 11.23 exec(2) and setrlimit(2) system call fix : A potential security vulnerability has been identified with HP-UX running on Itanium platforms where, under certain conditions, a specific stack size prevents proper operation. This vulnerability could be exploited by a local authorized user to create a Denial of Service (DoS). last seen 2020-06-01 modified 2020-06-02 plugin id 20038 published 2005-10-19 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20038 title HP-UX PHKL_33714 : HP-UX Running on Itanium Platforms Local Denial of Service (DoS) (HPSBUX01233 SSRT5975 rev.2) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHKL_33714. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(20038); script_version("1.13"); script_cvs_date("Date: 2018/08/10 18:07:07"); script_cve_id("CVE-2005-3295"); script_xref(name:"HP", value:"emr_na-c00587134"); script_xref(name:"HP", value:"HPSBUX01233"); script_xref(name:"HP", value:"SSRT5975"); script_name(english:"HP-UX PHKL_33714 : HP-UX Running on Itanium Platforms Local Denial of Service (DoS) (HPSBUX01233 SSRT5975 rev.2)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.23 exec(2) and setrlimit(2) system call fix : A potential security vulnerability has been identified with HP-UX running on Itanium platforms where, under certain conditions, a specific stack size prevents proper operation. This vulnerability could be exploited by a local authorized user to create a Denial of Service (DoS)." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00587134 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?8627456a" ); script_set_attribute( attribute:"solution", value:"Install patch PHKL_33714 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2005/09/29"); script_set_attribute(attribute:"patch_modification_date", value:"2006/01/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/10/19"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/10/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.23", proc:"ia64")) { exit(0, "The host is not affected since PHKL_33714 applies to a different OS release / architecture."); } patches = make_list("PHKL_33714"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"OS-Core.CORE2-KRN", version:"B.11.23")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:hpux_report_get()); else security_note(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family HP-UX Local Security Checks NASL id HPUX_PHKL_33713.NASL description s700_800 11.23 exec(2) and setrlimit(2) fix : A potential security vulnerability has been identified with HP-UX running on Itanium platforms where, under certain conditions, a specific stack size prevents proper operation. This vulnerability could be exploited by a local authorized user to create a Denial of Service (DoS). last seen 2020-06-01 modified 2020-06-02 plugin id 20037 published 2005-10-19 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20037 title HP-UX PHKL_33713 : HP-UX Running on Itanium Platforms Local Denial of Service (DoS) (HPSBUX01233 SSRT5975 rev.2) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHKL_33713. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(20037); script_version("1.15"); script_cvs_date("Date: 2018/08/10 18:07:07"); script_cve_id("CVE-2005-3295"); script_xref(name:"HP", value:"emr_na-c00587134"); script_xref(name:"HP", value:"HPSBUX01233"); script_xref(name:"HP", value:"SSRT5975"); script_name(english:"HP-UX PHKL_33713 : HP-UX Running on Itanium Platforms Local Denial of Service (DoS) (HPSBUX01233 SSRT5975 rev.2)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.23 exec(2) and setrlimit(2) fix : A potential security vulnerability has been identified with HP-UX running on Itanium platforms where, under certain conditions, a specific stack size prevents proper operation. This vulnerability could be exploited by a local authorized user to create a Denial of Service (DoS)." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00587134 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?8627456a" ); script_set_attribute( attribute:"solution", value:"Install patch PHKL_33713 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2005/09/29"); script_set_attribute(attribute:"patch_modification_date", value:"2006/01/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/10/19"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/10/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.23", proc:"ia64")) { exit(0, "The host is not affected since PHKL_33713 applies to a different OS release / architecture."); } patches = make_list("PHKL_33713", "PHKL_34095", "PHKL_34432", "PHKL_44285"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"OS-Core.CORE2-KRN", version:"B.11.23")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:hpux_report_get()); else security_note(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Oval
| accepted | 2014-03-10T04:00:52.551-04:00 | ||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||
| description | Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size." | ||||||||||||||||||||||||
| family | unix | ||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:992 | ||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||
| submitted | 2006-01-11T12:55:00.000-04:00 | ||||||||||||||||||||||||
| title | HP-UX Running on Itanium Platforms Local Denial of Service (DoS) | ||||||||||||||||||||||||
| version | 42 |
References
- http://secunia.com/advisories/17195
- http://secunia.com/advisories/17195
- http://securitytracker.com/id?1015050
- http://securitytracker.com/id?1015050
- http://www.auscert.org.au/render.html?it=5613
- http://www.auscert.org.au/render.html?it=5613
- http://www.osvdb.org/20014
- http://www.osvdb.org/20014
- http://www.securityfocus.com/bid/15100
- http://www.securityfocus.com/bid/15100
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A992
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A992