{"cve": [{"lastseen": "2017-09-19T13:37:21", "bulletinFamily": "NVD", "description": "Multiple integer overflows in vxsvc.exe in the Veritas Enterprise Administrator service in Symantec Veritas Storage Foundation 5.1 and earlier, Veritas Storage Foundation Cluster File System (SFCFS) 5.1 and earlier, Veritas Storage Foundation Cluster File System Enterprise for Oracle RAC (SFCFSORAC) 5.1 and earlier, Veritas Dynamic Multi-Pathing (DMP) 5.1, and NetBackup PureDisk 6.5.x through 6.6.1.x allow remote attackers to execute arbitrary code via (1) a crafted Unicode string, related to the vxveautil.value_binary_unpack function; (2) a crafted ASCII string, related to the vxveautil.value_binary_unpack function; or (3) a crafted value, related to the vxveautil.kv_binary_unpack function, leading to a buffer overflow.", "modified": "2017-09-18T21:32:03", "published": "2011-08-19T17:55:01", "id": "CVE-2011-0547", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0547", "title": "CVE-2011-0547", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "zdi": [{"lastseen": "2016-11-09T00:17:51", "bulletinFamily": "info", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation Administrator Service. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within vxsvc.exe process. The problem affecting the part of the server running on tcp port 2148 is an integer overflow in the function vxveautil.kv_binary_unpack where a 32-bit field is used to allocate an amount of memory equal to its value plus 1. This can be made to miscalculate a heap buffer which can be subsequently overflowed allowing an attacker to execute arbitrary code under the context of SYSTEM.", "modified": "2011-11-09T00:00:00", "published": "2011-08-16T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-11-264", "id": "ZDI-11-264", "title": "Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-11-09T00:17:59", "bulletinFamily": "info", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the vxsvc.exe process. The problem affecting the part of the server running on TCP port 2148 is an integer overflow in the function vxveautil.value_binary_unpack where a 32-bit field holds a value that, through some calculation, can be used to create a smaller heap buffer than required to hold user-supplied data. This can be leveraged to cause an overflow of the heap buffer, allowing the attacker to execute arbitrary code under the context of SYSTEM.", "modified": "2011-11-09T00:00:00", "published": "2011-08-16T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-11-262", "id": "ZDI-11-262", "title": "Symantec Veritas Storage Foundation vxsvc.exe Unicode String Parsing Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-11-09T00:17:52", "bulletinFamily": "info", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation Administrator Service. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within vxsvc.exe. The problem affecting the part of the server running on TCP port 2148 is an integer overflow in the function vxveautil.value_binary_unpack during the handling of the ascii strings (opcode 6) where the 32-bit field supplied by the attacker is used for allocating a destination buffer by adding an additional byte to its value. This integer overflow can be used to create a small allocation which will be subsequently overflowed, allowing the attacker to execute arbitrary code under the context of the SYSTEM.", "modified": "2011-11-09T00:00:00", "published": "2011-08-16T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-11-263", "id": "ZDI-11-263", "title": "Symantec Veritas Storage Foundation vxsvc.exe ASCII String Unpacking Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:41", "bulletinFamily": "software", "description": "ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-264\r\n\r\nAugust 16, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-0547\r\n\r\n-- CVSS:\r\n10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)\r\n\r\n-- Affected Vendors:\r\nSymantec\r\n\r\n-- Affected Products:\r\nSymantec Veritas Storage Foundation\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11572. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Symantec Veritas Storage Foundation\r\nAdministrator Service. Authentication is not required to exploit this\r\nvulnerability.\r\n\r\nThe specific flaw exists within vxsvc.exe process. The problem affecting\r\nthe part of the server running on tcp port 2148 is an integer overflow\r\nin the function vxveautil.kv_binary_unpack where a 32-bit field is used\r\nto allocate an amount of memory equal to its value plus 1. This can be\r\nmade to miscalculate a heap buffer which can be subsequently overflowed\r\nallowing an attacker to execute arbitrary code under the context of\r\nSYSTEM.\r\n\r\n-- Vendor Response:\r\nSymantec has issued an update to correct this vulnerability. More\r\ndetails can be found at:\r\n\r\nhttp://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&amp;pvid=security_advisory&amp;year=2011&amp;suid=20110815_00\r\n\r\n-- Disclosure Timeline:\r\n2011-02-17 - Vulnerability reported to vendor\r\n2011-08-16 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Luigi Auriemma\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n http://twitter.com/thezdi", "modified": "2011-08-17T00:00:00", "published": "2011-08-17T00:00:00", "id": "SECURITYVULNS:DOC:26879", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26879", "title": "ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:41", "bulletinFamily": "software", "description": "ZDI-11-262: Symantec Veritas Storage Foundation vxsvc.exe Unicode String Parsing Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-262\r\n\r\nAugust 16, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-0547\r\n\r\n-- CVSS:\r\n10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)\r\n\r\n-- Affected Vendors:\r\nSymantec\r\n\r\n-- Affected Products:\r\nSymantec Veritas Storage Foundation\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11573. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Symantec Veritas Storage Foundation.\r\nAuthentication is not required to exploit this vulnerability.\r\n\r\nThe specific flaw exists within the vxsvc.exe process. The problem\r\naffecting the part of the server running on TCP port 2148 is an integer\r\noverflow in the function vxveautil.value_binary_unpack where a 32-bit\r\nfield holds a value that, through some calculation, can be used to\r\ncreate a smaller heap buffer than required to hold user-supplied data.\r\nThis can be leveraged to cause an overflow of the heap buffer, allowing\r\nthe attacker to execute arbitrary code under the context of SYSTEM.\r\n\r\n-- Vendor Response:\r\nSymantec has issued an update to correct this vulnerability. More\r\ndetails can be found at:\r\n\r\nhttp://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&amp;pvid=security_advisory&amp;year=2011&amp;suid=20110815_00\r\n\r\n-- Disclosure Timeline:\r\n2011-02-17 - Vulnerability reported to vendor\r\n2011-08-16 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Luigi Auriemma\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n http://twitter.com/thezdi", "modified": "2011-08-17T00:00:00", "published": "2011-08-17T00:00:00", "id": "SECURITYVULNS:DOC:26877", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26877", "title": "ZDI-11-262: Symantec Veritas Storage Foundation vxsvc.exe Unicode String Parsing Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:41", "bulletinFamily": "software", "description": "ZDI-11-263: Symantec Veritas Storage Foundation vxsvc.exe ASCII String Unpacking Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-263\r\n\r\nAugust 16, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-0547\r\n\r\n-- CVSS:\r\n10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)\r\n\r\n-- Affected Vendors:\r\nSymantec\r\n\r\n-- Affected Products:\r\nSymantec Veritas Storage Foundation\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11574. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Symantec Veritas Storage Foundation\r\nAdministrator Service. Authentication is not required to exploit this\r\nvulnerability.\r\n\r\nThe specific flaw exists within vxsvc.exe. The problem affecting the\r\npart of the server running on TCP port 2148 is an integer overflow in\r\nthe function vxveautil.value_binary_unpack during the handling of the\r\nascii strings (opcode 6) where the 32-bit field supplied by the attacker\r\nis used for allocating a destination buffer by adding an additional byte\r\nto its value. This integer overflow can be used to create a small\r\nallocation which will be subsequently overflowed, allowing the attacker\r\nto execute arbitrary code under the context of the SYSTEM.\r\n\r\n-- Vendor Response:\r\nSymantec has issued an update to correct this vulnerability. More\r\ndetails can be found at:\r\nhttp://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&amp;pvid=security_advisory&amp;year=2011&amp;suid=20110815_00\r\n\r\n-- Disclosure Timeline:\r\n2011-02-17 - Vulnerability reported to vendor\r\n2011-08-16 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Luigi Auriemma\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n http://twitter.com/thezdi", "modified": "2011-08-17T00:00:00", "published": "2011-08-17T00:00:00", "id": "SECURITYVULNS:DOC:26878", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26878", "title": "ZDI-11-263: Symantec Veritas Storage Foundation vxsvc.exe ASCII String Unpacking Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:15:18", "bulletinFamily": "scanner", "description": "Symantec Veritas Enterprise Administrator Service (vxsvc), a component of Veritas Storage Foundation, is installed on the remote Windows host. According to its version number, the installed version of Symantec Veritas Enterprise Administrator service is affected by multiple integer overflow vulnerabilities in the following functions :\n\n - vxveautil.value_binary_unpack\n\n - vxveautil.value_binary_unpack\n\n - vxveautil.kv_binary_unpack\n\nA remote, unauthenticated attacker, exploiting these flaws, could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.", "modified": "2018-11-15T00:00:00", "id": "VERITAS_STORAGE_FOUNDATION_VXSVC_MULTIPLE_VULNS.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=55983", "published": "2011-08-25T00:00:00", "title": "Symantec Veritas Enterprise Administrator Service (vxsvc) Multiple Integer Overflows (SYM11-010)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55983);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\"CVE-2011-0547\");\n script_bugtraq_id(49014);\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n\n script_name(english:\"Symantec Veritas Enterprise Administrator Service (vxsvc) Multiple Integer Overflows (SYM11-010)\");\n script_summary(english:\"Checks version of vxsvc\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an administrator service that is affected by\nmultiple integer overflow vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"Symantec Veritas Enterprise Administrator Service (vxsvc), a component\nof Veritas Storage Foundation, is installed on the remote Windows\nhost. According to its version number, the installed version of\nSymantec Veritas Enterprise Administrator service is affected by\nmultiple integer overflow vulnerabilities in the following functions :\n\n - vxveautil.value_binary_unpack\n\n - vxveautil.value_binary_unpack\n\n - vxveautil.kv_binary_unpack\n\nA remote, unauthenticated attacker, exploiting these flaws, could\nexecute arbitrary code on the remote host subject to the privileges of\nthe user running the affected application.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7a2739c2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-262/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-263/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-264/\");\n script_set_attribute(attribute:\"solution\", value:\"Apply the relevant patch from the Symantec advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:veritas:enterprise_administrator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:symantec:veritas_storage_foundation\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"smb_enum_services.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude(\"smb_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"misc_func.inc\");\n\nname = kb_smb_name();\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\nport = kb_smb_transport();\n\n\n\nif(! smb_session_init()) audit(AUDIT_FN_FAIL, 'smb_session_init');\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:'IPC$');\nif (rc != 1)\n{\n NetUseDel();\n exit(1, 'Can\\'t connect to IPC$ share.');\n}\n\nhklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);\nif (isnull(hklm))\n{\n NetUseDel();\n exit(1, 'Can\\'t connect to the remote registry.');\n}\n\n# Make sure Veritas Storage Foundation is installed\n# and make sure it is one of the affected versions\nvsfver = NULL;\nkey = 'SOFTWARE\\\\Veritas\\\\VPI';\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n info = RegQueryInfoKey(handle:key_h);\n for (i=0; i<info[1]; ++i)\n {\n subkey = RegEnumKey(handle:key_h, index:i);\n if (strlen(subkey) && subkey =~ '^{[A-Za-z0-9\\\\-]+}')\n {\n key2 = key + '\\\\' + subkey + '\\\\Config';\n key2_h = RegOpenKey(handle:hklm, key:key2, mode:MAXIMUM_ALLOWED);\n if (!isnull(key2_h))\n {\n item = RegQueryValue(handle:key2_h, item:'VersionName');\n if (!isnull(item)) vsfver = item[1];\n RegCloseKey(handle:key2_h);\n }\n }\n }\n RegCloseKey(handle:key_h);\n}\n\nif (isnull(vsfver))\n{\n RegCloseKey(handle:hklm);\n NetUseDel();\n exit(0, 'Symantec Veritas Storage Foundation wasn\\'t detected on the remote host.');\n}\n\naffectedver = 0;\naffectedvsfvers = make_list('5.0', '5.0 RP1', '5.0 RP2', '5.1', '5.1 SP1', '5.1 SP2');\nfor (i=0; i<max_index(affectedvsfvers); i++)\n{\n if (vsfver == affectedvsfvers[i])\n {\n affectedver = 1;\n break;\n }\n}\n\nif (!affectedver)\n{\n RegCloseKey(handle:hklm);\n NetUseDel();\n exit(0, 'No affected versions of Symantec Veritas Storage Foundation were detected on the remote host.');\n}\n\n# Get the paths to the DLLs from the registry\nvxsvcpath = NULL;\nvrtsobcpath = NULL;\nkey = 'SOFTWARE\\\\Veritas\\\\VxSvc\\\\CurrentVersion';\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n info = RegQueryValue(handle:key_h, item:'InstallDir');\n if (!isnull(info)) vxsvcpath = info[1] + '\\\\bin';\n RegCloseKey(handle:key_h);\n}\n\nkey = 'SOFTWARE\\\\Veritas\\\\VRTSobc\\\\pal33';\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n info = RegQueryValue(handle:key_h, item:'InstallDir');\n if (!isnull(info)) vrtsobcpath = info[1] + '\\\\pal33\\\\bin';\n RegCloseKey(handle:key_h);\n}\nRegCloseKey(handle:hklm);\nNetUseDel(close:FALSE);\n\ndlls = make_list();\nif (isnull(vxsvcpath) && isnull(vrtsobcpath))\n{\n NetUseDel();\n exit(1, 'Couldn\\'t determine the path for the affected DLLs.');\n}\n\n# Unless we're paranoid, make sure the service is running.\nif (report_paranoia < 2)\n{\n status = get_kb_item_or_exit('SMB/svc/vxob');\n if (status != SERVICE_ACTIVE)\n exit(0, 'The Veritas Storage Foundation Enterprise Administrator Service is installed but not active.');\n}\n\n# Build a list of affected DLLs\nif (!isnull(vxsvcpath))\n{\n dlls = make_list(\n ereg_replace(pattern:'^[A-Za-z]:(.*)', replace:'\\\\1\\\\vxveautil.dll', string:vxsvcpath),\n ereg_replace(pattern:'^[A-Za-z]:(.*)', replace:'\\\\1\\\\vxvea3.dll', string:vxsvcpath)\n );\n}\nif (!isnull(vrtsobcpath))\n{\n dlls = make_list(\n dlls,\n ereg_replace(pattern:'^[A-Za-z]:(.*)', replace:'\\\\1\\\\vxveautil.dll', string:vrtsobcpath),\n ereg_replace(pattern:'^[A-Za-z]:(.*)', replace:'\\\\1\\\\vxpal3.dll', string:vrtsobcpath)\n );\n}\n\nvulns = 0;\nshare = ereg_replace(pattern:'^([A-Za-z]):.*', replace:'\\\\1$', string:vxsvcpath);\nforeach dll (dlls)\n{\n NetUseDel(close:FALSE);\n\n rc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\n if (rc != 1)\n {\n NetUseDel();\n exit(1, 'Can\\'t connect to '+share+' share.');\n }\n\n fh = CreateFile(\n file:dll,\n desired_access:GENERIC_READ,\n file_attributes:FILE_ATTRIBUTE_NORMAL,\n share_mode:FILE_SHARE_READ,\n create_disposition:OPEN_EXISTING\n );\n if (isnull(fh))\n {\n debug_print('Couldn\\'t open file '+dll+'.');\n continue;\n }\n\n ver = GetFileVersion(handle:fh);\n if (isnull(ver))\n {\n debug_print('Couldn\\'t get the version of '+dll+'.');\n continue;\n }\n else\n {\n vulndll = '';\n version = join(ver, sep:'.');\n if (ver_compare(ver:version, fix:'3.3.1068.0') == -1)\n {\n vulns++;\n vulndll = ereg_replace(pattern:'^([A-Za-z])\\\\$', replace:'\\\\1:\\\\', string:share);\n vulndll = vulndll + dll;\n }\n\n report +=\n '\\n Vulnerable dll : ' + vulndll +\n '\\n Version : ' + version + '\\n';\n }\n CloseFile(handle:fh);\n}\nNetUseDel();\n\nif (vulns)\n{\n if (report_verbosity > 0)\n {\n if (vulns > 1) s = 's were found ';\n else s = ' was found ';\n report =\n '\\n The following vulnerable dll' + s + 'on the remote host :' +\n '\\n' +\n report;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse exit(0, 'No vulnerable vxsvc dlls were detected on the remote host.');\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:40", "bulletinFamily": "scanner", "description": "s700_800 11.31 VRTS 5.0 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.", "modified": "2018-07-12T00:00:00", "id": "HPUX_PHCO_42176.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56827", "published": "2012-03-06T00:00:00", "title": "HP-UX PHCO_42176 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_42176. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56827);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2011-0546\", \"CVE-2011-0547\");\n script_bugtraq_id(47824, 49014);\n script_xref(name:\"HP\", value:\"emr_na-c02962262\");\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n script_xref(name:\"HP\", value:\"HPSBUX02700\");\n script_xref(name:\"HP\", value:\"SSRT100506\");\n\n script_name(english:\"HP-UX PHCO_42176 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.31 VRTS 5.0 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX\nrunning the Veritas Enterprise Administrator (VEA), which comes\nbundled with VxVM. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02962262\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a55dd2ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_42176 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/09\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.31\"))\n{\n exit(0, \"The host is not affected since PHCO_42176 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_42176\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VRTSob.VEAS-FILESET\", version:\"3.3.837.0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:40", "bulletinFamily": "scanner", "description": "s700_800 11.31 VRTS 5.0 VRTSobc33 Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.", "modified": "2018-07-12T00:00:00", "id": "HPUX_PHCO_42177.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56828", "published": "2012-03-06T00:00:00", "title": "HP-UX PHCO_42177 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_42177. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56828);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2011-0546\", \"CVE-2011-0547\");\n script_bugtraq_id(47824, 49014);\n script_xref(name:\"HP\", value:\"emr_na-c02962262\");\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n script_xref(name:\"HP\", value:\"HPSBUX02700\");\n script_xref(name:\"HP\", value:\"SSRT100506\");\n\n script_name(english:\"HP-UX PHCO_42177 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.31 VRTS 5.0 VRTSobc33 Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX\nrunning the Veritas Enterprise Administrator (VEA), which comes\nbundled with VxVM. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02962262\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a55dd2ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_42177 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/09\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.31\"))\n{\n exit(0, \"The host is not affected since PHCO_42177 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_42177\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VRTSobc33.VRTSOBC33\", version:\"3.3.837.0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:40", "bulletinFamily": "scanner", "description": "s700_800 11.31 VRTS 5.1SP1 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.", "modified": "2018-07-12T00:00:00", "id": "HPUX_PHCO_42182.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56833", "published": "2012-03-06T00:00:00", "title": "HP-UX PHCO_42182 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_42182. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56833);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2011-0546\", \"CVE-2011-0547\");\n script_bugtraq_id(47824, 49014);\n script_xref(name:\"HP\", value:\"emr_na-c02962262\");\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n script_xref(name:\"HP\", value:\"HPSBUX02700\");\n script_xref(name:\"HP\", value:\"SSRT100506\");\n\n script_name(english:\"HP-UX PHCO_42182 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.31 VRTS 5.1SP1 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX\nrunning the Veritas Enterprise Administrator (VEA), which comes\nbundled with VxVM. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02962262\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a55dd2ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_42182 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/10\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.31\"))\n{\n exit(0, \"The host is not affected since PHCO_42182 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_42182\", \"PHCO_42319\", \"PHCO_42320\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VRTSob.VEAS-FILESET\", version:\"3.4.296.0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:40", "bulletinFamily": "scanner", "description": "s700_800 11.23 VRTS 5.0 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.", "modified": "2018-07-12T00:00:00", "id": "HPUX_PHCO_42180.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56831", "published": "2012-03-06T00:00:00", "title": "HP-UX PHCO_42180 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_42180. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56831);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2011-0546\", \"CVE-2011-0547\");\n script_bugtraq_id(47824, 49014);\n script_xref(name:\"HP\", value:\"emr_na-c02962262\");\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n script_xref(name:\"HP\", value:\"HPSBUX02700\");\n script_xref(name:\"HP\", value:\"SSRT100506\");\n\n script_name(english:\"HP-UX PHCO_42180 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.23 VRTS 5.0 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX\nrunning the Veritas Enterprise Administrator (VEA), which comes\nbundled with VxVM. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02962262\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a55dd2ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_42180 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/11\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.23\"))\n{\n exit(0, \"The host is not affected since PHCO_42180 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_42180\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VRTSob.VEAS-FILESET\", version:\"3.3.721.0\")) flag++;\nif (hpux_check_patch(app:\"VRTSob.VEAS-FILESET\", version:\"3.3.722.0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:40", "bulletinFamily": "scanner", "description": "s700_800 11.23 VERITAS Enterprise Administrator Srvc Patch : \n\nPotential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.", "modified": "2018-07-12T00:00:00", "id": "HPUX_PHCO_42173.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56825", "published": "2012-03-06T00:00:00", "title": "HP-UX PHCO_42173 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_42173. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56825);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2011-0546\", \"CVE-2011-0547\");\n script_bugtraq_id(47824, 49014);\n script_xref(name:\"HP\", value:\"emr_na-c02962262\");\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n script_xref(name:\"HP\", value:\"HPSBUX02700\");\n script_xref(name:\"HP\", value:\"SSRT100506\");\n\n script_name(english:\"HP-UX PHCO_42173 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.23 VERITAS Enterprise Administrator Srvc Patch : \n\nPotential security vulnerabilities have been identified in HP-UX\nrunning the Veritas Enterprise Administrator (VEA), which comes\nbundled with VxVM. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02962262\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a55dd2ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_42173 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/10\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.23\"))\n{\n exit(0, \"The host is not affected since PHCO_42173 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_42173\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VRTSob.VEAS-FILESET\", version:\"3.2.532.0.100\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:40", "bulletinFamily": "scanner", "description": "s700_800 11.23 VRTS 3.5 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.", "modified": "2018-07-12T00:00:00", "id": "HPUX_PHCO_42317.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56835", "published": "2012-03-06T00:00:00", "title": "HP-UX PHCO_42317 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_42317. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56835);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2011-0546\", \"CVE-2011-0547\");\n script_bugtraq_id(47824, 49014);\n script_xref(name:\"HP\", value:\"emr_na-c02962262\");\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n script_xref(name:\"HP\", value:\"HPSBUX02700\");\n script_xref(name:\"HP\", value:\"SSRT100506\");\n\n script_name(english:\"HP-UX PHCO_42317 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.23 VRTS 3.5 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX\nrunning the Veritas Enterprise Administrator (VEA), which comes\nbundled with VxVM. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02962262\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a55dd2ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_42317 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/24\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.23\"))\n{\n exit(0, \"The host is not affected since PHCO_42317 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_42317\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VRTSob.VEAS-FILESET\", version:\"3.2.532.0.001\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:40", "bulletinFamily": "scanner", "description": "s700_800 11.31 VRTS 5.0.1 VRTSobc33 Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.", "modified": "2018-07-12T00:00:00", "id": "HPUX_PHCO_42179.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56830", "published": "2012-03-06T00:00:00", "title": "HP-UX PHCO_42179 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_42179. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56830);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2011-0546\", \"CVE-2011-0547\");\n script_bugtraq_id(47824, 49014);\n script_xref(name:\"HP\", value:\"emr_na-c02962262\");\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n script_xref(name:\"HP\", value:\"HPSBUX02700\");\n script_xref(name:\"HP\", value:\"SSRT100506\");\n\n script_name(english:\"HP-UX PHCO_42179 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.31 VRTS 5.0.1 VRTSobc33 Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX\nrunning the Veritas Enterprise Administrator (VEA), which comes\nbundled with VxVM. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02962262\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a55dd2ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_42179 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/09\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.31\"))\n{\n exit(0, \"The host is not affected since PHCO_42179 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_42179\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VRTSobc33.VRTSOBC33\", version:\"3.3.1510.0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:40", "bulletinFamily": "scanner", "description": "s700_800 11.11 VERITAS Enterprise Administrator Srvc Patch : \n\nPotential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.", "modified": "2018-07-12T00:00:00", "id": "HPUX_PHCO_42175.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56826", "published": "2012-03-06T00:00:00", "title": "HP-UX PHCO_42175 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_42175. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56826);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2011-0546\", \"CVE-2011-0547\");\n script_bugtraq_id(47824, 49014);\n script_xref(name:\"HP\", value:\"emr_na-c02962262\");\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n script_xref(name:\"HP\", value:\"HPSBUX02700\");\n script_xref(name:\"HP\", value:\"SSRT100506\");\n\n script_name(english:\"HP-UX PHCO_42175 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.11 VERITAS Enterprise Administrator Srvc Patch : \n\nPotential security vulnerabilities have been identified in HP-UX\nrunning the Veritas Enterprise Administrator (VEA), which comes\nbundled with VxVM. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02962262\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a55dd2ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_42175 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/09\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.11\"))\n{\n exit(0, \"The host is not affected since PHCO_42175 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_42175\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VRTSob.VEAS-FILESET\", version:\"3.0.2.261a\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:40", "bulletinFamily": "scanner", "description": "s700_800 11.31 VRTS 5.0.1 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX running the Veritas Enterprise Administrator (VEA), which comes bundled with VxVM. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.", "modified": "2018-07-12T00:00:00", "id": "HPUX_PHCO_42178.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56829", "published": "2012-03-06T00:00:00", "title": "HP-UX PHCO_42178 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHCO_42178. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56829);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2011-0546\", \"CVE-2011-0547\");\n script_bugtraq_id(47824, 49014);\n script_xref(name:\"HP\", value:\"emr_na-c02962262\");\n script_xref(name:\"IAVB\", value:\"2011-B-0108\");\n script_xref(name:\"HP\", value:\"HPSBUX02700\");\n script_xref(name:\"HP\", value:\"SSRT100506\");\n\n script_name(english:\"HP-UX PHCO_42178 : HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02700 SSRT100506 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.31 VRTS 5.0.1 VRTSob Command Patch : \n\nPotential security vulnerabilities have been identified in HP-UX\nrunning the Veritas Enterprise Administrator (VEA), which comes\nbundled with VxVM. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS) or execute arbitrary code.\nReferences: CVE-2011-0547, ZDI-CAN-1110, ZDI-CAN-1111.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02962262\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a55dd2ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHCO_42178 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/09\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.31\"))\n{\n exit(0, \"The host is not affected since PHCO_42178 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHCO_42178\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VRTSob.VEAS-FILESET\", version:\"3.3.1510.0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
