11.23

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

nessus

NVD

Published: 2005-11-16

Updated: 2017-10-11

Summary

Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.

Vulnerable Configurations

Part	Description	Count
OS	Hp HP HP UX 11.00 HP HP UX 11.11 HP HP UX 11.23	3

Nessus

NASL family	HP-UX Local Security Checks
NASL id	HPUX_PHNE_33792.NASL
description	s700_800 11.23 r-commands cumulative mega-patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running the LP subsystem. The vulnerability could be exploited by a remote user to create a Denial of Service (DoS). (HPSBUX02139 SSRT5981) - A potential vulnerability hs been identified with HP-UX systems running in Trusted Mode. The vulnerability could be exploited remotely to gain unauthorized access. (HPSBUX02072 SSRT051014)
last seen	2020-06-01
modified	2020-06-02
plugin id	20203
published	2005-11-15
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/20203
title	HP-UX PHNE_33792 : s700_800 11.23 r-commands cumulative mega-patch
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_33792. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(20203); script_version("1.15"); script_cvs_date("Date: 2018/08/10 18:07:07"); script_cve_id("CVE-2005-3565", "CVE-2006-4188"); script_xref(name:"HP", value:"emr_na-c00543854"); script_xref(name:"HP", value:"emr_na-c00746980"); script_xref(name:"HP", value:"HPSBUX02072"); script_xref(name:"HP", value:"HPSBUX02139"); script_xref(name:"HP", value:"SSRT051014"); script_xref(name:"HP", value:"SSRT5981"); script_name(english:"HP-UX PHNE_33792 : s700_800 11.23 r-commands cumulative mega-patch"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.23 r-commands cumulative mega-patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running the LP subsystem. The vulnerability could be exploited by a remote user to create a Denial of Service (DoS). (HPSBUX02139 SSRT5981) - A potential vulnerability hs been identified with HP-UX systems running in Trusted Mode. The vulnerability could be exploited remotely to gain unauthorized access. (HPSBUX02072 SSRT051014)" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00543854 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?06b15d64" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00746980 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?767d3fa2" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_33792 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2006/08/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/11/15"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/11/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.23")) { exit(0, "The host is not affected since PHNE_33792 applies to a different OS release."); } patches = make_list("PHNE_33792", "PHNE_34150", "PHNE_40889"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.23")) flag++; if (hpux_check_patch(app:"InternetSrvcs.INETSVCS2-RUN", version:"B.11.23")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	HP-UX Local Security Checks
NASL id	HPUX_PHNE_33790.NASL
description	s700_800 11.00 r-commands cumulative mega-patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability hs been identified with HP-UX systems running in Trusted Mode. The vulnerability could be exploited remotely to gain unauthorized access. (HPSBUX02072 SSRT051014) - A potential security vulnerability has been identified with HP-UX running the LP subsystem. The vulnerability could be exploited by a remote user to create a Denial of Service (DoS). (HPSBUX02139 SSRT5981)
last seen	2020-06-01
modified	2020-06-02
plugin id	20201
published	2005-11-15
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/20201
title	HP-UX PHNE_33790 : s700_800 11.00 r-commands cumulative mega-patch
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_33790. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(20201); script_version("1.13"); script_cvs_date("Date: 2018/08/10 18:07:07"); script_cve_id("CVE-2005-3565", "CVE-2006-4188"); script_xref(name:"HP", value:"emr_na-c00543854"); script_xref(name:"HP", value:"emr_na-c00746980"); script_xref(name:"HP", value:"HPSBUX02072"); script_xref(name:"HP", value:"HPSBUX02139"); script_xref(name:"HP", value:"SSRT051014"); script_xref(name:"HP", value:"SSRT5981"); script_name(english:"HP-UX PHNE_33790 : s700_800 11.00 r-commands cumulative mega-patch"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.00 r-commands cumulative mega-patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability hs been identified with HP-UX systems running in Trusted Mode. The vulnerability could be exploited remotely to gain unauthorized access. (HPSBUX02072 SSRT051014) - A potential security vulnerability has been identified with HP-UX running the LP subsystem. The vulnerability could be exploited by a remote user to create a Denial of Service (DoS). (HPSBUX02139 SSRT5981)" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00543854 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?06b15d64" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00746980 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?767d3fa2" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_33790 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2006/08/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/11/15"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/11/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.00")) { exit(0, "The host is not affected since PHNE_33790 applies to a different OS release."); } patches = make_list("PHNE_33790"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.00")) flag++; if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.00")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	HP-UX Local Security Checks
NASL id	HPUX_PHNE_33791.NASL
description	s700_800 11.11 r-commands cumulative mega-patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability hs been identified with HP-UX systems running in Trusted Mode. The vulnerability could be exploited remotely to gain unauthorized access. (HPSBUX02072 SSRT051014) - A potential security vulnerability has been identified with HP-UX running the LP subsystem. The vulnerability could be exploited by a remote user to create a Denial of Service (DoS). (HPSBUX02139 SSRT5981)
last seen	2020-06-01
modified	2020-06-02
plugin id	20202
published	2005-11-15
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/20202
title	HP-UX PHNE_33791 : s700_800 11.11 r-commands cumulative mega-patch
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_33791. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(20202); script_version("1.15"); script_cvs_date("Date: 2018/08/10 18:07:07"); script_cve_id("CVE-2005-3565", "CVE-2006-4188"); script_xref(name:"HP", value:"emr_na-c00543854"); script_xref(name:"HP", value:"emr_na-c00746980"); script_xref(name:"HP", value:"HPSBUX02072"); script_xref(name:"HP", value:"HPSBUX02139"); script_xref(name:"HP", value:"SSRT051014"); script_xref(name:"HP", value:"SSRT5981"); script_name(english:"HP-UX PHNE_33791 : s700_800 11.11 r-commands cumulative mega-patch"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.11 r-commands cumulative mega-patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability hs been identified with HP-UX systems running in Trusted Mode. The vulnerability could be exploited remotely to gain unauthorized access. (HPSBUX02072 SSRT051014) - A potential security vulnerability has been identified with HP-UX running the LP subsystem. The vulnerability could be exploited by a remote user to create a Denial of Service (DoS). (HPSBUX02139 SSRT5981)" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00543854 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?06b15d64" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00746980 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?767d3fa2" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_33791 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2006/08/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/11/15"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/11/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.11")) { exit(0, "The host is not affected since PHNE_33791 applies to a different OS release."); } patches = make_list("PHNE_33791", "PHNE_33793", "PHNE_36211"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.11")) flag++; if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.11")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

Oval

accepted

2010-09-20T04:00:06.446-04:00

class

vulnerability

contributors

name Robert L. Hollis
organization ThreatGuard, Inc.
name Todd Dolinsky
organization Opsware, Inc.
name Jonathan Baker
organization The MITRE Corporation

description

Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.

family

unix

oval:org.mitre.oval:def:1151

status

accepted

submitted

2005-11-30T12:00:00.000-04:00

title

HP-UX Trusted Mode remshd Remote Unauthorized Access (B.11.11)

version

accepted

2010-09-20T04:00:15.155-04:00

class

vulnerability

contributors

name Robert L. Hollis
organization ThreatGuard, Inc.
name Todd Dolinsky
organization Opsware, Inc.
name Jonathan Baker
organization The MITRE Corporation

description

Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.

family

unix

oval:org.mitre.oval:def:1576

status

accepted

submitted

2005-11-30T12:00:00.000-04:00

title

HP-UX Trusted Mode remshd Remote Unauthorized Access (B.11.23)

version

accepted

2014-03-24T04:01:56.657-04:00

class

vulnerability

contributors

name Robert L. Hollis
organization ThreatGuard, Inc.
name Todd Dolinsky
organization Opsware, Inc.
name Michael Wood
organization Hewlett-Packard
name Sushant Kumar Singh
organization Hewlett-Packard
name Sushant Kumar Singh
organization Hewlett-Packard

description

Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.

family

unix

oval:org.mitre.oval:def:766

status

accepted

submitted

2005-11-30T12:00:00.000-04:00

title

HP-UX Trusted Mode remshd, Remote Unauthorized Access

version

Summary

Vulnerable Configurations

Nessus

Oval

References