{"cve": [{"lastseen": "2018-10-11T11:34:15", "bulletinFamily": "NVD", "description": "The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses \"SetPassword logic\" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired.", "modified": "2018-10-10T15:53:43", "published": "2010-07-28T08:48:51", "id": "CVE-2010-0833", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0833", "title": "CVE-2010-0833", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-01-16T20:10:53", "bulletinFamily": "scanner", "description": "Matt Weatherford discovered that Likewise Open did not correctly check\npassword expiration for the local-provider account. A local attacker\ncould exploit this to log into a system they would otherwise not have\naccess to.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-11-28T00:00:00", "published": "2010-07-27T00:00:00", "id": "UBUNTU_USN-964-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=47858", "title": "Ubuntu 10.04 LTS : likewise-open vulnerability (USN-964-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-964-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47858);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/11/28 22:47:45\");\n\n script_cve_id(\"CVE-2010-0833\");\n script_bugtraq_id(41969);\n script_xref(name:\"USN\", value:\"964-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : likewise-open vulnerability (USN-964-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matt Weatherford discovered that Likewise Open did not correctly check\npassword expiration for the local-provider account. A local attacker\ncould exploit this to log into a system they would otherwise not have\naccess to.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/964-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open5-eventlog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open5-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open5-lsass\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open5-netlogon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:likewise-open5-rpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2018 Canonical, Inc. / NASL script (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open-gui\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open-server\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open5\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open5-eventlog\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open5-gui\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open5-libs\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open5-lsass\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open5-netlogon\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"likewise-open5-rpc\", pkgver:\"5.4.0.42111-2ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"likewise-open / likewise-open-gui / likewise-open-server / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-01-23T13:05:26", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-964-1", "modified": "2018-01-23T00:00:00", "published": "2010-07-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840472", "id": "OPENVAS:1361412562310840472", "title": "Ubuntu Update for likewise-open vulnerability USN-964-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_964_1.nasl 8495 2018-01-23 07:57:49Z teissa $\n#\n# Ubuntu Update for likewise-open vulnerability USN-964-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Matt Weatherford discovered that Likewise Open did not correctly check\n password expiration for the local-provider account. A local attacker could\n exploit this to log into a system they would otherwise not have access to.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-964-1\";\ntag_affected = \"likewise-open vulnerability on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-964-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840472\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-30 15:25:34 +0200 (Fri, 30 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"964-1\");\n script_cve_id(\"CVE-2010-0833\");\n script_name(\"Ubuntu Update for likewise-open vulnerability USN-964-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"likewise-open\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open-gui\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open-server\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-eventlog\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-gui\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-libs\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-lsass\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-netlogon\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-rpc\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:17:48", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-964-1", "modified": "2017-12-01T00:00:00", "published": "2010-07-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840472", "id": "OPENVAS:840472", "title": "Ubuntu Update for likewise-open vulnerability USN-964-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_964_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for likewise-open vulnerability USN-964-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Matt Weatherford discovered that Likewise Open did not correctly check\n password expiration for the local-provider account. A local attacker could\n exploit this to log into a system they would otherwise not have access to.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-964-1\";\ntag_affected = \"likewise-open vulnerability on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-964-1/\");\n script_id(840472);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-30 15:25:34 +0200 (Fri, 30 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"964-1\");\n script_cve_id(\"CVE-2010-0833\");\n script_name(\"Ubuntu Update for likewise-open vulnerability USN-964-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"likewise-open\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open-gui\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open-server\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-eventlog\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-gui\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-libs\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-lsass\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-netlogon\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5-rpc\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"likewise-open5\", ver:\"5.4.0.42111-2ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:39", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c02712670\r\nVersion: 1\r\n\r\nHPSBST02630 SSRT1000385 rev.1 - HP StorageWorks X9000 Network Storage Systems, Remote Unauthenticated\r\nAccess\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.\r\n\r\nRelease Date: 2011-02-07\r\nLast Updated: 2011-02-07\r\n\r\nPotential Security Impact: Remote unauthenticated access\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP StorageWorks X9000 Network Storage\r\nSystems. This vulnerability could be exploited to allow remote unauthenticated access to the accounts\r\nwith expired passwords.\r\n\r\nReferences: CVE-2010-0833\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP StorageWorks X9000 Network Storage Systems, all 5.4 versions\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2010-0833 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nThe vulnerability can be avoided by using the following procedure.\r\n\r\nExplicitly disable the local Administrator account.\r\nExplicitly disable any lsassd local-provider accounts that are not in use.\r\n\r\nFor example, to disable the Administrator account:\r\n\r\n$ lw-mod-user --disable-user "MACHINE\Administrator"\r\nwhere MACHINE is hostname of the local system.\r\n\r\nThe following command can be used to verify that the account has been disabled.\r\n\r\n$ lw-find-user-by-name --level 2 "MACHINE\Administrator"\r\n\r\nThe command should return:\r\nAccount disabled (or locked): TRUE\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 7 February 2011 Initial Release\r\n\r\nThird Party Security Patches: Third party security patches that are to be installed on systems running\r\nHP software products should be applied in accordance with the customer's patch management policy.\r\n\r\nSupport: For further information, contact normal HP Services support channel.\r\n\r\nReport: To report a potential security vulnerability with any HP supported product, send Email to:\r\nsecurity-alert@hp.com\r\nIt is strongly recommended that security related information being communicated to HP be encrypted\r\nusing PGP, especially exploit information.\r\nTo get the security-alert PGP key, please send an e-mail message as follows:\r\n To: security-alert@hp.com\r\n Subject: get key\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\r\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC\r\nOn the web page: ITRC security bulletins and patch sign-up\r\nUnder Step1: your ITRC security bulletins and patches\r\n -check ALL categories for which alerts are required and continue.\r\nUnder Step2: your ITRC operating systems\r\n -verify your operating system selections are checked and save.\r\n\r\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\r\nLog in on the web page: Subscriber's choice for Business: sign-in.\r\nOn the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate\r\nsections.\r\n\r\nTo review previously published Security Bulletins visit:\r\nhttp://www.itrc.hp.com/service/cki/secBullArchive.do\r\n\r\n* The Software Product Category that this Security Bulletin\r\nrelates to is represented by the 5th and 6th characters\r\nof the Bulletin number in the title:\r\n\r\nGN = HP General SW\r\nMA = HP Management Agents\r\nMI = Misc. 3rd Party SW\r\nMP = HP MPE/iX\r\nNS = HP NonStop Servers\r\nOV = HP OpenVMS\r\nPI = HP Printing & Imaging\r\nST = HP Storage SW\r\nTL = HP Trusted Linux\r\nTU = HP Tru64 UNIX\r\nUX = HP-UX\r\nVV = HP VirtualVault\r\n\r\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP\r\nis continually reviewing and enhancing the security features of software products to provide customers\r\nwith current secure solutions.\r\n\r\n"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the\r\naffected HP products the important security information contained in this Bulletin. HP recommends that\r\nall users determine the applicability of this information to their individual situations and take\r\nappropriate action. HP does not warrant that this information is necessarily accurate or complete for\r\nall user situations and, consequently, HP will not be responsible for any damages resulting from user's\r\nuse or disregard of the information provided in this Bulletin. To the extent permitted by law, HP\r\ndisclaims all warranties, either express or implied, including the warranties of merchantability and\r\nfitness for a particular purpose, title and non-infringement."\r\n\r\nCopyright 2009 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained\r\nherein. The information provided is provided "as is" without warranty of any kind. To the extent\r\npermitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost profits;damages relating to\r\nthe procurement of substitute products or services; or damages for loss of data, or software\r\nrestoration. The information in this document is subject to change without notice. Hewlett-Packard\r\nCompany and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard\r\nCompany in the United States and other countries. Other product and company names mentioned herein may\r\nbe trademarks of their respective owners.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niEYEARECAAYFAk1QDjYACgkQ4B86/C0qfVk/rwCeJuHYT3cycTC7TWjEUxvyaDIy\r\nFzEAniODJNWRfEOHsFODlQehjm1LkyOa\r\n=FdPt\r\n-----END PGP SIGNATURE-----", "modified": "2011-02-14T00:00:00", "published": "2011-02-14T00:00:00", "id": "SECURITYVULNS:DOC:25719", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25719", "title": "[security bulletin] HPSBST02630 SSRT1000385 rev.1 - HP StorageWorks X9000 Network Storage Systems, Remote Unauthenticated Access", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:37", "bulletinFamily": "unix", "description": "Matt Weatherford discovered that Likewise Open did not correctly check password expiration for the local-provider account. A local attacker could exploit this to log into a system they would otherwise not have access to.", "modified": "2010-07-26T00:00:00", "published": "2010-07-26T00:00:00", "id": "USN-964-1", "href": "https://usn.ubuntu.com/964-1/", "title": "Likewise Open vulnerability", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}