{"bulletinFamily": "software", "viewCount": 0, "reporter": "OSVDB", "references": [], "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://archives.neohapsis.com/archives/bugtraq/2007-04/0196.html)\n[Vendor Specific Advisory URL](http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684)\nSecurity Tracker: 1017893\n[Secunia Advisory ID:24855](https://secuniaresearch.flexerasoftware.com/advisories/24855/)\nOther Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=512\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0205.html\nKeyword: HPSBUX02203,SSRT071339\nFrSIRT Advisory: ADV-2007-1343\n[CVE-2007-1993](https://vulners.com/cve/CVE-2007-1993)\nBugtraq ID: 23401\n", "affectedSoftware": [], "href": "https://vulners.com/osvdb/OSVDB:34897", "modified": "2007-03-30T07:49:10", "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2017-04-28T13:20:31", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-1993"]}, {"type": "nessus", "idList": ["HPUX_PHCO_25841.NASL", "HPUX_PHKL_26269.NASL", "HPUX_PHKL_28025.NASL", "HPUX_PHKL_28060.NASL", "HPUX_PHKL_26450.NASL", "HPUX_PHCO_26449.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:835135", "OPENVAS:1361412562310835135"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7573"]}], "modified": "2017-04-28T13:20:31", "rev": 2}, "vulnersScore": 7.2}, "id": "OSVDB:34897", "title": "HP-UX Portable File System (PFS) pfs_mountd.rpc Remote Code Execution", "edition": 1, "published": "2007-03-30T07:49:10", "type": "osvdb", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2007-1993"], "lastseen": "2017-04-28T13:20:31"}

{"cve": [{"lastseen": "2021-02-02T05:31:22", "description": "Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending \"a call to procedure 5, followed by a crafted payload to procedure 2.\"", "edition": 4, "cvss3": {}, "published": "2007-04-12T10:19:00", "title": "CVE-2007-1993", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-1993"], "modified": "2017-10-11T01:32:00", "cpe": ["cpe:/o:hp:hp-ux:b.11.00", "cpe:/o:hp:hp-ux:b.11.11", "cpe:/o:hp:hp-ux:b.11.23"], "id": "CVE-2007-1993", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1993", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:hp:hp-ux:b.11.00:*:*:*:*:*:*:*", "cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*", "cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-04-09T11:38:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-1993"], "description": "Check for the Version of Portable File System (PFS)", "modified": "2018-04-06T00:00:00", "published": "2009-05-05T00:00:00", "id": "OPENVAS:1361412562310835135", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835135", "type": "openvas", "title": "HP-UX Update for Portable File System (PFS) HPSBUX02203", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Portable File System (PFS) HPSBUX02203\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote increase in privilege.\";\ntag_affected = \"Portable File System (PFS) on\n HP-UX B.11.00 (obsolete), B.11.11 and B.11.23.\";\ntag_insight = \"A potential security vulnerability has been identified in HP-UX with the \n Portable File System (PFS). The vulnerability could be exploitedremotely to \n gain an increase in privilege.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00913684-2\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835135\");\n script_version(\"$Revision: 9370 $\");\n script_cve_id(\"CVE-2007-1993\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02203\");\n script_name( \"HP-UX Update for Portable File System (PFS) HPSBUX02203\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Portable File System (PFS)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.00\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE-KRN\", patch_list:['PHKL_28060', 'PHKL_26450', 'PHCO_26449'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"ProgSupport.C-INC\", patch_list:['PHKL_28060', 'PHKL_26450', 'PHCO_26449'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE2-KRN\", patch_list:['PHKL_28060', 'PHKL_26450', 'PHCO_26449'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.UX-CORE\", patch_list:['PHKL_28060', 'PHKL_26450', 'PHCO_26449'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE-KRN\", revision:\"S.\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"ProgSupport.C-INC\", revision:\"S.\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE2-KRN\", revision:\"S.\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.UX-CORE\", revision:\"S.\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE-KRN\", patch_list:['PHKL_28025', 'PHKL_26269', 'PHCO_25841'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"ProgSupport.C-INC\", patch_list:['PHKL_28025', 'PHKL_26269', 'PHCO_25841'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE2-KRN\", patch_list:['PHKL_28025', 'PHKL_26269', 'PHCO_25841'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.UX-CORE\", patch_list:['PHKL_28025', 'PHKL_26269', 'PHCO_25841'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-1993"], "description": "Check for the Version of Portable File System (PFS)", "modified": "2017-07-06T00:00:00", "published": "2009-05-05T00:00:00", "id": "OPENVAS:835135", "href": "http://plugins.openvas.org/nasl.php?oid=835135", "type": "openvas", "title": "HP-UX Update for Portable File System (PFS) HPSBUX02203", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Portable File System (PFS) HPSBUX02203\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote increase in privilege.\";\ntag_affected = \"Portable File System (PFS) on\n HP-UX B.11.00 (obsolete), B.11.11 and B.11.23.\";\ntag_insight = \"A potential security vulnerability has been identified in HP-UX with the \n Portable File System (PFS). The vulnerability could be exploitedremotely to \n gain an increase in privilege.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00913684-2\");\n script_id(835135);\n script_version(\"$Revision: 6584 $\");\n script_cve_id(\"CVE-2007-1993\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:13:23 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02203\");\n script_name( \"HP-UX Update for Portable File System (PFS) HPSBUX02203\");\n\n script_summary(\"Check for the Version of Portable File System (PFS)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.00\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE-KRN\", patch_list:['PHKL_28060', 'PHKL_26450', 'PHCO_26449'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"ProgSupport.C-INC\", patch_list:['PHKL_28060', 'PHKL_26450', 'PHCO_26449'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE2-KRN\", patch_list:['PHKL_28060', 'PHKL_26450', 'PHCO_26449'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.UX-CORE\", patch_list:['PHKL_28060', 'PHKL_26450', 'PHCO_26449'], rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE-KRN\", revision:\"S.\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"ProgSupport.C-INC\", revision:\"S.\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE2-KRN\", revision:\"S.\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.UX-CORE\", revision:\"S.\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE-KRN\", patch_list:['PHKL_28025', 'PHKL_26269', 'PHCO_25841'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"ProgSupport.C-INC\", patch_list:['PHKL_28025', 'PHKL_26269', 'PHCO_25841'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.CORE2-KRN\", patch_list:['PHKL_28025', 'PHKL_26269', 'PHCO_25841'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"OS-Core.UX-CORE\", patch_list:['PHKL_28025', 'PHKL_26269', 'PHCO_25841'], rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-12T11:32:04", "description": "s700_800 11.00 Rock Ridge extension for ISO-9660 : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.", "edition": 24, "published": "2007-09-25T00:00:00", "title": "HP-UX PHKL_26450 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-1993"], "modified": "2007-09-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHKL_26450.NASL", "href": "https://www.tenable.com/plugins/nessus/26125", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHKL_26450. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26125);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-1993\");\n script_bugtraq_id(23401);\n script_xref(name:\"HP\", value:\"emr_na-c00913684\");\n script_xref(name:\"HP\", value:\"HPSBUX02203\");\n script_xref(name:\"HP\", value:\"SSRT071339\");\n\n script_name(english:\"HP-UX PHKL_26450 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 Rock Ridge extension for ISO-9660 : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b9f3a7ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHKL_26450 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHKL_26450 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHKL_26450\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OS-Core.CORE-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"ProgSupport.C-INC\", version:\"B.11.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:32:02", "description": "s700_800 11.11 Add Rock Ridge extension to mount_cdfs(1M) : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.", "edition": 24, "published": "2007-09-25T00:00:00", "title": "HP-UX PHCO_25841 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-1993"], "modified": "2007-09-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHCO_25841.NASL", "href": "https://www.tenable.com/plugins/nessus/26118", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_25841. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26118);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-1993\");\n script_bugtraq_id(23401);\n script_xref(name:\"HP\", value:\"emr_na-c00913684\");\n script_xref(name:\"HP\", value:\"HPSBUX02203\");\n script_xref(name:\"HP\", value:\"SSRT071339\");\n\n script_name(english:\"HP-UX PHCO_25841 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.11 Add Rock Ridge extension to mount_cdfs(1M) : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b9f3a7ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_25841 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.11\"))\n{\n exit(0, \"The host is not affected since PHCO_25841 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_25841\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OS-Core.CORE-ENG-A-MAN\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.UX-CORE\", version:\"B.11.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:32:04", "description": "s700_800 11.00 Y2k; Rock Ridge extension for ISO-9660 : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.", "edition": 24, "published": "2007-09-25T00:00:00", "title": "HP-UX PHKL_28060 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-1993"], "modified": "2007-09-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHKL_28060.NASL", "href": "https://www.tenable.com/plugins/nessus/26127", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHKL_28060. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26127);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-1993\");\n script_bugtraq_id(23401);\n script_xref(name:\"HP\", value:\"emr_na-c00913684\");\n script_xref(name:\"HP\", value:\"HPSBUX02203\");\n script_xref(name:\"HP\", value:\"SSRT071339\");\n\n script_name(english:\"HP-UX PHKL_28060 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 Y2k; Rock Ridge extension for ISO-9660 : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b9f3a7ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHKL_28060 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHKL_28060 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHKL_28060\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OS-Core.CORE-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.CORE2-KRN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"ProgSupport.C-INC\", version:\"B.11.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:32:04", "description": "s700_800 11.11 Rock Ridge extension for ISO-9660 : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.", "edition": 24, "published": "2007-09-25T00:00:00", "title": "HP-UX PHKL_26269 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-1993"], "modified": "2007-09-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHKL_26269.NASL", "href": "https://www.tenable.com/plugins/nessus/26124", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHKL_26269. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26124);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-1993\");\n script_bugtraq_id(23401);\n script_xref(name:\"HP\", value:\"emr_na-c00913684\");\n script_xref(name:\"HP\", value:\"HPSBUX02203\");\n script_xref(name:\"HP\", value:\"SSRT071339\");\n\n script_name(english:\"HP-UX PHKL_26269 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.11 Rock Ridge extension for ISO-9660 : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b9f3a7ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHKL_26269 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.11\"))\n{\n exit(0, \"The host is not affected since PHKL_26269 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHKL_26269\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OS-Core.CORE-KRN\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"ProgSupport.C-INC\", version:\"B.11.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:32:02", "description": "s700_800 11.00 Add Rock Ridge extension to mount_cdfs(1M) : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.", "edition": 24, "published": "2007-09-25T00:00:00", "title": "HP-UX PHCO_26449 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-1993"], "modified": "2007-09-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHCO_26449.NASL", "href": "https://www.tenable.com/plugins/nessus/26119", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_26449. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26119);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-1993\");\n script_bugtraq_id(23401);\n script_xref(name:\"HP\", value:\"emr_na-c00913684\");\n script_xref(name:\"HP\", value:\"HPSBUX02203\");\n script_xref(name:\"HP\", value:\"SSRT071339\");\n\n script_name(english:\"HP-UX PHCO_26449 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 Add Rock Ridge extension to mount_cdfs(1M) : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b9f3a7ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_26449 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHCO_26449 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_26449\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OS-Core.CORE-ENG-A-MAN\", version:\"B.11.00\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.UX-CORE\", version:\"B.11.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:32:04", "description": "s700_800 11.11 Rock Ridge extension for ISO-9660 : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.", "edition": 24, "published": "2007-09-25T00:00:00", "title": "HP-UX PHKL_28025 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-1993"], "modified": "2007-09-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHKL_28025.NASL", "href": "https://www.tenable.com/plugins/nessus/26126", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHKL_28025. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26126);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-1993\");\n script_bugtraq_id(23401);\n script_xref(name:\"HP\", value:\"emr_na-c00913684\");\n script_xref(name:\"HP\", value:\"HPSBUX02203\");\n script_xref(name:\"HP\", value:\"SSRT071339\");\n\n script_name(english:\"HP-UX PHKL_28025 : HP-UX Running Portable File System (PFS), Remote Increase in Privilege (HPSBUX02203 SSRT071339 rev.1)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.11 Rock Ridge extension for ISO-9660 : \n\nA potential security vulnerability has been identified in HP-UX with\nthe Portable File System (PFS). The vulnerability could be exploited\nremotely to gain an increase in privilege.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b9f3a7ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHKL_28025 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.11\"))\n{\n exit(0, \"The host is not affected since PHKL_28025 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHKL_28025\", \"PHKL_32035\", \"PHKL_34153\", \"PHKL_37535\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OS-Core.CORE-KRN\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"OS-Core.CORE2-KRN\", version:\"B.11.11\")) flag++;\nif (hpux_check_patch(app:\"ProgSupport.C-INC\", version:\"B.11.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:25", "bulletinFamily": "software", "cvelist": ["CVE-2007-1993"], "description": "Buffer overflow on UDP datagrams parsing.", "edition": 1, "modified": "2007-04-13T00:00:00", "published": "2007-04-13T00:00:00", "id": "SECURITYVULNS:VULN:7573", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7573", "title": "HP-UX pfs_mountd.rpc PFS file system daemon buffer overflow", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}