CVE-2005-4451 - HP-UX Software Distributor Unspecified Remote Unauthorized Access Vulnerability

Publication

2005-12-21

Last modification

2018-10-19

Summary

Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.

Description

HP-UX Software Distributor (SD) is prone to an unspecified remote unauthorized access vulnerability.Due to a lack of information, further details cannot be provided at the moment. This BID will be updated when more information is available.

Solution

HP has released advisory HPSBUX02089 SSRT5983 rev.1 - HP-UX Running Software Distributor (SD) Remote Unauthorized Access to address this issue. Please see the referenced advisory for more information. Avaya has released an advisory stating that Predictive Dialing System is affected by this vulnerability. Avaya advises affected users to install the HP patch to address the issue. Please see the attached Avaya advisory for further details. Avaya Predictive Dialing System (PDS) 12.0 HP PHCO_33822 http://itrc.hp.com

Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: info@vumetric.com <mailto:info@vumetric.com>.

Risk level (CVSS AV:N/AC:L/Au:N/C:P/I:P/A:P)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

OVAL definition

{
    "accepted": "2014-03-24T04:01:43.736-04:00",
    "class": "vulnerability",
    "contributors": [
        {
            "name": "Michael Wood",
            "organization": "Hewlett-Packard"
        },
        {
            "name": "Sushant Kumar Singh",
            "organization": "Hewlett-Packard"
        }
    ],
    "description": "Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.",
    "family": "unix",
    "id": "oval:org.mitre.oval:def:5638",
    "status": "accepted",
    "submitted": "2008-07-07T16:38:36.000-04:00",
    "title": "HP-UX Running Software Distributor (SD) Remote Unauthorized Access",
    "version": "36"
}

Affected Products

Vendor Product Versions
HP HP UX  11.11