Oval Definition:oval:org.mitre.oval:def:11986
Revision Date:2015-04-20Version:30
Title:HP-UX Running ONCplus rpc.pcnfsd, Remote Denial of Service (DoS), Increase in Privilege
Description:Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-1039
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02523
  • HP-UX B.11.23
  • AND filesets tests
  • NFS.NFS-CLIENT is installed
  • OR NFS.NFS-KRN is installed
  • OR NFS.NFS2-CORE is installed
  • OR NFS.NFS2-PRG is installed
  • OR NFS.NFS2-SERVER is installed
  • AND NOT Patch PHNE_41021 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02523
  • HP-UX B.11.11
  • AND filesets tests
  • NFS.NFS-KRN is installed
  • OR NFS.KEY-CORE is installed
  • OR NFS.NFS-64ALIB is installed
  • OR NFS.NFS-64SLIB is installed
  • OR NFS.NFS-CLIENT is installed
  • OR NFS.NFS-CORE is installed
  • OR NFS.NFS-PRG is installed
  • OR NFS.NFS-SERVER is installed
  • OR NFS.NFS-SHLIBS is installed
  • OR NFS.NISPLUS-CORE is installed
  • AND NOT Patch PHNE_41023 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02523
  • HP-UX B.11.31
  • AND filesets tests
  • NFS.NFS2-SERVER version is less than B.11.31.09.01
  • OR NFS.KEY-CORE version is less than B.11.31.09.01
  • OR NFS.NIS-CLIENT version is less than B.11.31.09.01
  • OR NFS.NFS-64ALIB version is less than B.11.31.09.01
  • OR NFS.NIS-CORE version is less than B.11.31.09.01
  • OR NFS.NFS-64SLIB version is less than B.11.31.09.01
  • OR NFS.NIS-SERVER version is less than B.11.31.09.01
  • OR NFS.NIS2-CLIENT version is less than B.11.31.09.01
  • OR NFS.NFS-CLIENT version is less than B.11.31.09.01
  • OR NFS.NFS-CORE version is less than B.11.31.09.01
  • OR NFS.NFS-KRN version is less than B.11.31.09.01
  • OR NFS.NFS-PRG version is less than B.11.31.09.01
  • OR NFS.NFS-SERVER version is less than B.11.31.09.01
  • OR NFS.NFS-SHLIBS version is less than B.11.31.09.01
  • OR NFS.NFS2-CORE version is less than B.11.31.09.01
  • OR NFS.NFS2-CLIENT version is less than B.11.31.09.01
  • OR NFS.NFS2-PRG version is less than B.11.31.09.01
    • BACK