Vulnerabilities > CVE-2013-6209 - Unspecified vulnerability in HP Hp-Ux B.11.11/B.11.23
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN hp
nessus
Summary
Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
Nessus
NASL family HP-UX Local Security Checks NASL id HPUX_PHNE_43577.NASL description s700_800 11.11 ONC/NFS General Release/Performance Patch : A potential security vulnerability has been identified with HP-UX running NFS rpc.lockd. The vulnerability could be exploited remotely to create a Denial of Service (DoS). last seen 2020-06-01 modified 2020-06-02 plugin id 72956 published 2014-03-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72956 title HP-UX PHNE_43577 : s700_800 11.11 ONC/NFS General Release/Performance Patch code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_43577. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(72956); script_version("1.3"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2013-6209"); script_bugtraq_id(66124); script_xref(name:"HP", value:"emr_na-c04174142"); script_name(english:"HP-UX PHNE_43577 : s700_800 11.11 ONC/NFS General Release/Performance Patch"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.11 ONC/NFS General Release/Performance Patch : A potential security vulnerability has been identified with HP-UX running NFS rpc.lockd. The vulnerability could be exploited remotely to create a Denial of Service (DoS)." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c04174142 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1d74a2dc" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_43577 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2013/06/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.11")) { exit(0, "The host is not affected since PHNE_43577 applies to a different OS release."); } patches = make_list("PHNE_43577"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"NFS.KEY-CORE", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NFS-64ALIB", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NFS-64SLIB", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NFS-CLIENT", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NFS-CORE", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NFS-ENG-A-MAN", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NFS-KRN", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NFS-PRG", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NFS-SERVER", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NFS-SHLIBS", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NIS-CLIENT", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NIS-CORE", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NIS-SERVER", version:"B.11.11")) flag++; if (hpux_check_patch(app:"NFS.NISPLUS-CORE", version:"B.11.11")) flag++; if (hpux_check_patch(app:"OS-Core.CORE-ENG-A-MAN", version:"B.11.11")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family HP-UX Local Security Checks NASL id HPUX_PHNE_43706.NASL description s700_800 11.23 Lock Manager cumulative patch : A potential security vulnerability has been identified with HP-UX running NFS rpc.lockd. The vulnerability could be exploited remotely to create a Denial of Service (DoS). last seen 2020-06-01 modified 2020-06-02 plugin id 72957 published 2014-03-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72957 title HP-UX PHNE_43706 : s700_800 11.23 Lock Manager cumulative patch code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_43706. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(72957); script_version("1.3"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2013-6209"); script_bugtraq_id(66124); script_xref(name:"HP", value:"emr_na-c04174142"); script_name(english:"HP-UX PHNE_43706 : s700_800 11.23 Lock Manager cumulative patch"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.23 Lock Manager cumulative patch : A potential security vulnerability has been identified with HP-UX running NFS rpc.lockd. The vulnerability could be exploited remotely to create a Denial of Service (DoS)." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c04174142 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1d74a2dc" ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_43706 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2013/11/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.23")) { exit(0, "The host is not affected since PHNE_43706 applies to a different OS release."); } patches = make_list("PHNE_43706"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"NFS.NFS-ENG-A-MAN", version:"B.11.23")) flag++; if (hpux_check_patch(app:"NFS.NFS-KRN", version:"B.11.23")) flag++; if (hpux_check_patch(app:"NFS.NFS2-CORE", version:"B.11.23")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
References
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04174142
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04174142
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04174142
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04174142