Vulnerability Name:

CVE-2005-3565 (CCN-23036)

Assigned:2005-11-09
Published:2005-11-09
Updated:2017-10-11
Summary:Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2005-3565

Source: OSVDB
Type: UNKNOWN
20679

Source: CCN
Type: SA17507
HP-UX Trusted Mode remshd Security Bypass Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
17507

Source: CCN
Type: SECTRACK ID: 1015173
HP-UX Trusted Mode Unspecified remshd Bug Lets Remote Users Access the System

Source: SECTRACK
Type: Patch
1015173

Source: CCN
Type: ASA-2006-044
HP-UX Trusted Mode remshd Remote (HPSBUX02072)

Source: CCN
Type: OSVDB ID: 20679
HP-UX Trusted Mode remshd Unspecified Remote Access

Source: BID
Type: UNKNOWN
15366

Source: CCN
Type: BID-15366
HP-UX RemSHD Unspecified Unauthorized Access Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2005-2358

Source: HP
Type: UNKNOWN
HPSBUX02072

Source: CCN
Type: Hewlett-Packard Company Security Bulletin HPSBUX02072
HPSBUX02072 SSRT051014 - HP-UX Trusted Mode remshd

Source: XF
Type: UNKNOWN
hpux-remshd-bypass-security(23036)

Source: XF
Type: UNKNOWN
hpux-remshd-bypass-security(23036)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1151

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1576

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:766

Vulnerable Configuration:Configuration 1:
  • cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.23:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:766
    V
    		HP-UX Trusted Mode remshd, Remote Unauthorized Access
    2014-03-24
    oval:org.mitre.oval:def:1151
    V
    		HP-UX Trusted Mode remshd Remote Unauthorized Access (B.11.11)
    2010-09-20
    oval:org.mitre.oval:def:1576
    V
    		HP-UX Trusted Mode remshd Remote Unauthorized Access (B.11.23)
    2010-09-20
    BACK
    hp hp-ux 11.00
    hp hp-ux 11.11
    hp hp-ux 11.23
    hp hp-ux 11.00
    hp hp-ux 11.11
    hp hp-ux 11.23