Oval Definition:oval:org.mitre.oval:def:28359
Revision Date:2015-04-27Version:22
Title:A potential security vulnerability has been identified in the HP-UX running PAM using libpam_updbe in pam.conf(4). This vulnerability could allow remote users to bypass certain authentication restrictions.
Description:HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2014-7879
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX03166
  • HP-UX B.11.31
  • AND filesets tests
  • OS-Core.ADMN-ENG-A-MAN is installed
  • OR OS-Core.CORE-ENG-A-MAN is installed
  • OR OS-Core.CORE-SHLIBS is installed
  • AND NOT Patch PHCO_43873 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX03166
  • HP-UX B.11.31
  • AND filesets tests
  • OS-Core.ADMN-ENG-A-MAN is installed
  • OR OS-Core.CORE-ENG-A-MAN is installed
  • OR OS-Core.CORE-64SLIB is installed
  • OR OS-Core.CORE-SHLIBS is installed
  • OR OS-Core.CORE2-64SLIB is installed
  • OR OS-Core.CORE2-SHLIBS is installed
  • AND NOT Patch PHCO_43875 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX03166
  • HP-UX B.11.23
  • AND filesets tests
  • OS-Core.ADMN-ENG-A-MAN is installed
  • OR OS-Core.CORE-ENG-A-MAN is installed
  • OR OS-Core.CORE2-64SLIB is installed
  • OR OS-Core.CORE2-SHLIBS is installed
  • AND NOT Patch PHCO_43874 is installed
    • BACK