Search...

HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)

2007-09-25T00:00:00

ID HPUX_PHNE_35729.NASL
Type nessus
Reporter Tenable
Modified 2018-08-10T00:00:00

Description

s700_800 11.00 cumulative ARPA Transport patch :

A potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and patch checks in this plugin were 
# extracted from HP patch PHNE_35729. The text itself is
# copyright (C) Hewlett-Packard Development Company, L.P.
#

include("compat.inc");

if (description)
{
  script_id(26136);
  script_version("1.11");
  script_cvs_date("Date: 2018/08/10 18:07:07");

  script_cve_id("CVE-2007-1994");
  script_xref(name:"HP", value:"emr_na-c00944467");
  script_xref(name:"HP", value:"HPSBUX02205");
  script_xref(name:"HP", value:"SSRT061120");

  script_name(english:"HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)");
  script_summary(english:"Checks for the patch in the swlist output");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote HP-UX host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"s700_800 11.00 cumulative ARPA Transport patch : 

A potential security vulnerability has been identified with HP-UX
running ARPA Transport. The vulnerability could be exploited by a
local user to create a Denial of Service (DoS)."
  );
  # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00944467
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?993c4284"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Install patch PHNE_35729 or subsequent."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/04/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/09/25");
  script_set_attribute(attribute:"vuln_publication_date", value:"2007/04/03");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
  script_family(english:"HP-UX Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("hpux.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);

if (!hpux_check_ctx(ctx:"11.00"))
{
  exit(0, "The host is not affected since PHNE_35729 applies to a different OS release.");
}

patches = make_list("PHNE_35729");
foreach patch (patches)
{
  if (hpux_installed(app:patch))
  {
    exit(0, "The host is not affected because patch "+patch+" is installed.");
  }
}


flag = 0;
if (hpux_check_patch(app:"Networking.NET-KRN", version:"B.11.00")) flag++;
if (hpux_check_patch(app:"Networking.NET-PRG", version:"B.11.00")) flag++;
if (hpux_check_patch(app:"Networking.NET-RUN", version:"B.11.00")) flag++;
if (hpux_check_patch(app:"Networking.NET2-KRN", version:"B.11.00")) flag++;
if (hpux_check_patch(app:"Networking.NMS2-KRN", version:"B.11.00")) flag++;
if (hpux_check_patch(app:"OS-Core.CORE2-KRN", version:"B.11.00")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_warning(port:0, extra:hpux_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "HPUX_PHNE_35729.NASL", "bulletinFamily": "scanner", "title": "HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)", "description": "s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX\nrunning ARPA Transport. The vulnerability could be exploited by a\nlocal user to create a Denial of Service (DoS).", "published": "2007-09-25T00:00:00", "modified": "2018-08-10T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=26136", "reporter": "Tenable", "references": ["http://www.nessus.org/u?993c4284"], "cvelist": ["CVE-2007-1994"], "type": "nessus", "lastseen": "2019-01-16T20:07:29", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2007-1994"], "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).", "edition": 1, "enchantments": {}, "hash": "3e2bba207bdde9c13bda306b705c2a1b9ac80db97e667712166ebbd2af55d30a", "hashmap": [{"hash": "91b65a75efaaa6c29c7ded1593d4460f", "key": "modified"}, {"hash": "cf9c097ed097647011657b9fb17ef22b", "key": "sourceData"}, {"hash": "97abbfd0cfbdd50268d3b718c8f1a978", "key": "description"}, {"hash": "74a9013d7b74ca4a87c9f6ae51956d66", "key": "pluginID"}, {"hash": "f537a8c4c2a2ecce05af223984a006fc", "key": "naslFamily"}, {"hash": "75acff42350108f057c8aa83b657d0ee", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f64e21f4bc1ea312d8dd4cd406920b07", "key": "references"}, {"hash": "9cb44b302e46d3157d43099b6d313ff3", "key": "title"}, {"hash": "cd0eaca54e214fca175fe3ab907f0071", "key": "href"}, {"hash": "15a577a59745e84025714151ae64c2e8", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "5bffa5d677745aa32bbe998246dee3b1", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=26136", "id": "HPUX_PHNE_35729.NASL", "lastseen": "2016-09-26T17:25:28", "modified": "2014-03-12T00:00:00", "naslFamily": "HP-UX Local Security Checks", "objectVersion": "1.2", "pluginID": "26136", "published": "2007-09-25T00:00:00", "references": ["http://www.nessus.org/u?993c4284"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHNE_35729. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(26136);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2014/03/12 15:37:24 $\");\n\n script_cve_id(\"CVE-2007-1994\");\n script_osvdb_id(35306);\n script_xref(name:\"HP\", value:\"emr_na-c00944467\");\n script_xref(name:\"HP\", value:\"HPSBUX02205\");\n script_xref(name:\"HP\", value:\"SSRT061120\");\n\n script_name(english:\"HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX\nrunning ARPA Transport. The vulnerability could be exploited by a\nlocal user to create a Denial of Service (DoS).\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00944467\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?993c4284\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHNE_35729 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHNE_35729 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHNE_35729\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"Networking.NET-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-PRG\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-RUN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NMS2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.CORE2-KRN\", version:\"B.11.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:25:28"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:hp:hp-ux"], "cvelist": ["CVE-2007-1994"], "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).", "edition": 3, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "3525b7b56b1a38658466c3d27a3ca5063b322beeef4fea9af1cba643eaabaaf8", "hashmap": [{"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "97abbfd0cfbdd50268d3b718c8f1a978", "key": "description"}, {"hash": "74a9013d7b74ca4a87c9f6ae51956d66", "key": "pluginID"}, {"hash": "f537a8c4c2a2ecce05af223984a006fc", "key": "naslFamily"}, {"hash": "75acff42350108f057c8aa83b657d0ee", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f64e21f4bc1ea312d8dd4cd406920b07", "key": "references"}, {"hash": "9cb44b302e46d3157d43099b6d313ff3", "key": "title"}, {"hash": "cd0eaca54e214fca175fe3ab907f0071", "key": "href"}, {"hash": "afe57d0304e958202be29619fb28e901", "key": "cpe"}, {"hash": "15a577a59745e84025714151ae64c2e8", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "5bffa5d677745aa32bbe998246dee3b1", "key": "published"}, {"hash": "ff7f13da9324659bb9dc8f75ac2d79d6", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=26136", "id": "HPUX_PHNE_35729.NASL", "lastseen": "2018-08-11T09:22:01", "modified": "2018-08-10T00:00:00", "naslFamily": "HP-UX Local Security Checks", "objectVersion": "1.3", "pluginID": "26136", "published": "2007-09-25T00:00:00", "references": ["http://www.nessus.org/u?993c4284"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHNE_35729. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(26136);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2007-1994\");\n script_xref(name:\"HP\", value:\"emr_na-c00944467\");\n script_xref(name:\"HP\", value:\"HPSBUX02205\");\n script_xref(name:\"HP\", value:\"SSRT061120\");\n\n script_name(english:\"HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX\nrunning ARPA Transport. The vulnerability could be exploited by a\nlocal user to create a Denial of Service (DoS).\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00944467\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?993c4284\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHNE_35729 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHNE_35729 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHNE_35729\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"Networking.NET-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-PRG\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-RUN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NMS2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.CORE2-KRN\", version:\"B.11.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-11T09:22:01"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:hp:hp-ux"], "cvelist": ["CVE-2007-1994"], "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).", "edition": 5, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "3525b7b56b1a38658466c3d27a3ca5063b322beeef4fea9af1cba643eaabaaf8", "hashmap": [{"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "97abbfd0cfbdd50268d3b718c8f1a978", "key": "description"}, {"hash": "74a9013d7b74ca4a87c9f6ae51956d66", "key": "pluginID"}, {"hash": "f537a8c4c2a2ecce05af223984a006fc", "key": "naslFamily"}, {"hash": "75acff42350108f057c8aa83b657d0ee", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f64e21f4bc1ea312d8dd4cd406920b07", "key": "references"}, {"hash": "9cb44b302e46d3157d43099b6d313ff3", "key": "title"}, {"hash": "cd0eaca54e214fca175fe3ab907f0071", "key": "href"}, {"hash": "afe57d0304e958202be29619fb28e901", "key": "cpe"}, {"hash": "15a577a59745e84025714151ae64c2e8", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "5bffa5d677745aa32bbe998246dee3b1", "key": "published"}, {"hash": "ff7f13da9324659bb9dc8f75ac2d79d6", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=26136", "id": "HPUX_PHNE_35729.NASL", "lastseen": "2018-09-01T23:55:52", "modified": "2018-08-10T00:00:00", "naslFamily": "HP-UX Local Security Checks", "objectVersion": "1.3", "pluginID": "26136", "published": "2007-09-25T00:00:00", "references": ["http://www.nessus.org/u?993c4284"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHNE_35729. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(26136);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2007-1994\");\n script_xref(name:\"HP\", value:\"emr_na-c00944467\");\n script_xref(name:\"HP\", value:\"HPSBUX02205\");\n script_xref(name:\"HP\", value:\"SSRT061120\");\n\n script_name(english:\"HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX\nrunning ARPA Transport. The vulnerability could be exploited by a\nlocal user to create a Denial of Service (DoS).\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00944467\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?993c4284\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHNE_35729 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHNE_35729 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHNE_35729\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"Networking.NET-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-PRG\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-RUN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NMS2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.CORE2-KRN\", version:\"B.11.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-09-01T23:55:52"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:hp:hp-ux"], "cvelist": ["CVE-2007-1994"], "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).", "edition": 2, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "c5607111e6fe916bf66177594c395d9d56be51c3f31bebcc2cad4087c84bca23", "hashmap": [{"hash": "91b65a75efaaa6c29c7ded1593d4460f", "key": "modified"}, {"hash": "cf9c097ed097647011657b9fb17ef22b", "key": "sourceData"}, {"hash": "97abbfd0cfbdd50268d3b718c8f1a978", "key": "description"}, {"hash": "74a9013d7b74ca4a87c9f6ae51956d66", "key": "pluginID"}, {"hash": "f537a8c4c2a2ecce05af223984a006fc", "key": "naslFamily"}, {"hash": "75acff42350108f057c8aa83b657d0ee", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f64e21f4bc1ea312d8dd4cd406920b07", "key": "references"}, {"hash": "9cb44b302e46d3157d43099b6d313ff3", "key": "title"}, {"hash": "cd0eaca54e214fca175fe3ab907f0071", "key": "href"}, {"hash": "afe57d0304e958202be29619fb28e901", "key": "cpe"}, {"hash": "15a577a59745e84025714151ae64c2e8", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "5bffa5d677745aa32bbe998246dee3b1", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=26136", "id": "HPUX_PHNE_35729.NASL", "lastseen": "2017-10-29T13:41:13", "modified": "2014-03-12T00:00:00", "naslFamily": "HP-UX Local Security Checks", "objectVersion": "1.3", "pluginID": "26136", "published": "2007-09-25T00:00:00", "references": ["http://www.nessus.org/u?993c4284"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHNE_35729. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(26136);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2014/03/12 15:37:24 $\");\n\n script_cve_id(\"CVE-2007-1994\");\n script_osvdb_id(35306);\n script_xref(name:\"HP\", value:\"emr_na-c00944467\");\n script_xref(name:\"HP\", value:\"HPSBUX02205\");\n script_xref(name:\"HP\", value:\"SSRT061120\");\n\n script_name(english:\"HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX\nrunning ARPA Transport. The vulnerability could be exploited by a\nlocal user to create a Denial of Service (DoS).\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00944467\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?993c4284\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHNE_35729 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHNE_35729 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHNE_35729\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"Networking.NET-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-PRG\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-RUN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NMS2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.CORE2-KRN\", version:\"B.11.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:41:13"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:hp:hp-ux"], "cvelist": ["CVE-2007-1994"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).", "edition": 4, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "hash": "324359cd278b7f796f927a44443782e168bdf176be4ab4fdda3ee9a4930b682a", "hashmap": [{"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "97abbfd0cfbdd50268d3b718c8f1a978", "key": "description"}, {"hash": "74a9013d7b74ca4a87c9f6ae51956d66", "key": "pluginID"}, {"hash": "f537a8c4c2a2ecce05af223984a006fc", "key": "naslFamily"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "f64e21f4bc1ea312d8dd4cd406920b07", "key": "references"}, {"hash": "9cb44b302e46d3157d43099b6d313ff3", "key": "title"}, {"hash": "cd0eaca54e214fca175fe3ab907f0071", "key": "href"}, {"hash": "afe57d0304e958202be29619fb28e901", "key": "cpe"}, {"hash": "15a577a59745e84025714151ae64c2e8", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "5bffa5d677745aa32bbe998246dee3b1", "key": "published"}, {"hash": "ff7f13da9324659bb9dc8f75ac2d79d6", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=26136", "id": "HPUX_PHNE_35729.NASL", "lastseen": "2018-08-30T19:48:56", "modified": "2018-08-10T00:00:00", "naslFamily": "HP-UX Local Security Checks", "objectVersion": "1.3", "pluginID": "26136", "published": "2007-09-25T00:00:00", "references": ["http://www.nessus.org/u?993c4284"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHNE_35729. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(26136);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2007-1994\");\n script_xref(name:\"HP\", value:\"emr_na-c00944467\");\n script_xref(name:\"HP\", value:\"HPSBUX02205\");\n script_xref(name:\"HP\", value:\"SSRT061120\");\n\n script_name(english:\"HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX\nrunning ARPA Transport. The vulnerability could be exploited by a\nlocal user to create a Denial of Service (DoS).\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00944467\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?993c4284\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHNE_35729 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHNE_35729 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHNE_35729\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"Networking.NET-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-PRG\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-RUN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NMS2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.CORE2-KRN\", version:\"B.11.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:48:56"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "afe57d0304e958202be29619fb28e901"}, {"key": "cvelist", "hash": "15a577a59745e84025714151ae64c2e8"}, {"key": "cvss", "hash": "75acff42350108f057c8aa83b657d0ee"}, {"key": "description", "hash": "1fab847d404556c2bb046b8be4ff4d3f"}, {"key": "href", "hash": "cd0eaca54e214fca175fe3ab907f0071"}, {"key": "modified", "hash": "9c6fe61712654f56360b12011e3de300"}, {"key": "naslFamily", "hash": "f537a8c4c2a2ecce05af223984a006fc"}, {"key": "pluginID", "hash": "74a9013d7b74ca4a87c9f6ae51956d66"}, {"key": "published", "hash": "5bffa5d677745aa32bbe998246dee3b1"}, {"key": "references", "hash": "f64e21f4bc1ea312d8dd4cd406920b07"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "ff7f13da9324659bb9dc8f75ac2d79d6"}, {"key": "title", "hash": "9cb44b302e46d3157d43099b6d313ff3"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "b83e62640bf201b9ce98dd30ee29e24d9ebda6856ba8e53ea0790f082d97fb54", "viewCount": 0, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-1994"]}, {"type": "osvdb", "idList": ["OSVDB:35306"]}, {"type": "openvas", "idList": ["OPENVAS:835107", "OPENVAS:1361412562310835107"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7241"]}], "modified": "2019-01-16T20:07:29"}, "vulnersScore": 2.1}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHNE_35729. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(26136);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2007-1994\");\n script_xref(name:\"HP\", value:\"emr_na-c00944467\");\n script_xref(name:\"HP\", value:\"HPSBUX02205\");\n script_xref(name:\"HP\", value:\"SSRT061120\");\n\n script_name(english:\"HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 cumulative ARPA Transport patch : \n\nA potential security vulnerability has been identified with HP-UX\nrunning ARPA Transport. The vulnerability could be exploited by a\nlocal user to create a Denial of Service (DoS).\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00944467\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?993c4284\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHNE_35729 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHNE_35729 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHNE_35729\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"Networking.NET-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-PRG\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET-RUN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NET2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"Networking.NMS2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.CORE2-KRN\", version:\"B.11.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "HP-UX Local Security Checks", "pluginID": "26136", "cpe": ["cpe:/o:hp:hp-ux"]}

{"cve": [{"lastseen": "2017-10-11T11:07:06", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as CVE-2007-0916.", "modified": "2017-10-10T21:32:03", "published": "2007-04-12T06:19:00", "id": "CVE-2007-1994", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1994", "title": "CVE-2007-1994", "type": "cve", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:31", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00944467)\nSecurity Tracker: 1017892\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0183.html\nFrSIRT Advisory: ADV-2007-1358\n[CVE-2007-1994](https://vulners.com/cve/CVE-2007-1994)\nBugtraq ID: 23410\n", "modified": "2007-04-03T07:08:49", "published": "2007-04-03T07:08:49", "href": "https://vulners.com/osvdb/OSVDB:35306", "id": "OSVDB:35306", "title": "HP-UX ARPA Transport Unspecified Local DoS", "type": "osvdb", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-24T12:56:46", "bulletinFamily": "scanner", "description": "Check for the Version of ARPA Transport", "modified": "2017-07-06T00:00:00", "published": "2009-05-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=835107", "id": "OPENVAS:835107", "title": "HP-UX Update for ARPA Transport HPSBUX02205", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for ARPA Transport HPSBUX02205\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Local Denial of Service (DoS)\";\ntag_affected = \"ARPA Transport on\n HP-UX B.11.00 (obsolete) running ARPA Transport.\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX running \n ARPA Transport. The vulnerability could be exploited by a local user to \n create a Denial of Service (DoS).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00944467-1\");\n script_id(835107);\n script_version(\"$Revision: 6584 $\");\n script_cve_id(\"CVE-2007-1994\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:13:23 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02205\");\n script_name( \"HP-UX Update for ARPA Transport HPSBUX02205\");\n\n script_summary(\"Check for the Version of ARPA Transport\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.00\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE2-KRN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NET-KRN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NET-PRG\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NET-RUN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NET2-KRN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NMS2-KRN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:31", "bulletinFamily": "scanner", "description": "Check for the Version of ARPA Transport", "modified": "2018-04-06T00:00:00", "published": "2009-05-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835107", "id": "OPENVAS:1361412562310835107", "type": "openvas", "title": "HP-UX Update for ARPA Transport HPSBUX02205", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for ARPA Transport HPSBUX02205\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Local Denial of Service (DoS)\";\ntag_affected = \"ARPA Transport on\n HP-UX B.11.00 (obsolete) running ARPA Transport.\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX running \n ARPA Transport. The vulnerability could be exploited by a local user to \n create a Denial of Service (DoS).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00944467-1\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835107\");\n script_version(\"$Revision: 9370 $\");\n script_cve_id(\"CVE-2007-1994\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02205\");\n script_name( \"HP-UX Update for ARPA Transport HPSBUX02205\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of ARPA Transport\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.00\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE2-KRN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NET-KRN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NET-PRG\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NET-RUN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NET2-KRN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"Networking.NMS2-KRN\", patch_list:['PHNE_35729'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:23", "bulletinFamily": "software", "description": "No description provided", "modified": "2008-01-24T00:00:00", "published": "2008-01-24T00:00:00", "id": "SECURITYVULNS:VULN:7241", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7241", "title": "HP-UX ARPA transport DoS", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}

HP-UX PHNE_35729 : HP-UX Running ARPA Transport, Local Denial of Service (DoS) (HPSBUX02205 SSRT061120 rev.1)

Description

s700_800 11.00 cumulative ARPA Transport patch : A potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).

s700_800 11.00 cumulative ARPA Transport patch :

A potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).