HPE Security Bulletin HPESBUX03699 SSRT110304 1 - Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create multiple Denial of Services (DoS). Revision 1 of this advisory.
4974b51e04bbd38c78bbd5e625800c16ba179f3441f644b2d153bb4599487f1b
CA Technologies support is alerting customers about a medium risk vulnerability that may allow a local attacker to gain additional privileges with products using CA Common Services running on the AIX, HP-UX, Linux, and Solaris platforms. The vulnerability, CVE-2016-9795, occurs due to insufficient validation by the casrvc program. A local unprivileged user can exploit the vulnerability to modify arbitrary files, which can potentially allow a local attacker to gain root level access.
fc6c18b1ab288c81928a10a9339d929938fcd7120518c622254694d974c59667
HP Security Bulletin HPSBUX03665 3 - Potential security vulnerabilities have been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or URL Redirection. Revision 3 of this advisory.
9d2cd9d2c5a5326760651264d9508d7f771267c319cee95f6f5733b6837bf96b
HP Security Bulletin HPSBUX03665 2 - Potential security vulnerabilities have been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) and URL Redirection. Revision 2 of this advisory.
8a33a45462fb5af32efafe6f3107b91eb71ecf3236ac6ed9fb1332835889de91
HP Security Bulletin HPSBUX03665 1 - Potential security vulnerabilities have been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) and URL Redirection. Revision 1 of this advisory.
bbafcd56c7474dd4c44957ace450decc84059a5ee53ec33bf03dac1511ccfa33
HPE Security Bulletin HPSBUX03664 SSRT110248 1 - Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
8392ef8f305c64e4593fbb2199e3103ae32dcd3a29294e47dec33379b147a07a
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
fb8d8d08d34957a211fe5bca2caee3dced915d053c525c4ae3a021e3b9685b95
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
921a4d32c511ba5b757fa4342ddbbd83dc250134c8d5562ce4500ce5b60fd456
HPE Security Bulletin HPSBUX03632 SSRT110194 1 - A potential security vulnerability has been identified in the HP-UX Mail Server running Sendmail. This vulnerability could be locally exploited to allow unauthorized disclosure of information. Revision 1 of this advisory.
2611e14853a5e7f2fd90830bc2ebfaf9ade33c054ba569656fb1ddfa30788e5a
HPE Security Bulletin HPSBUX03616 SSRT110128 2 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to allow Denial of Service (DoS), disclosure of information and unauthorized access. Revision 2 of this advisory.
475e6545fb3a6224f2c1c6a766b468787f45e3b02df99ea3ac9c7865453c1257
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
5d0b57d29a32f76c996cc91d4b94ab498c193d6711fdde7eea60752b695f004f
HP Security Bulletin HPSBUX03606 1 - Potential security vulnerabilities have been identified in HP-UX running the Apache Tomcat 7 Servlet Engine. These vulnerabilities could be exploited remotely resulting in URL redirection, access restriction bypass, Cross-Site Request Forgery (CSRF), directory traversal, unauthorized read access to data, execution of arbitrary code with privilege elevation, or Denial of Service (DoS). Revision 1 of this advisory.
df62ff6655a43fb30ff150baa36bd88eeea1345a5f855edc60c502d45bb1d955
HP Security Bulletin HPSBUX03574 1 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to cause access restriction bypass, authentication bypass, Denial of Service (DoS), unauthorized access to files, access restriction bypass, or unauthorized information disclosure. Revision 1 of this advisory.
3425ca46ec9693308573785c2ac516d648f5b8e32172b2e8f2ba16ba7c8482b9
HP Security Bulletin HPSBUX03596 1 - A security vulnerability in Samba was addressed by HPE HP-UX running CIFS Server (Samba). The vulnerability could be exploited resulting in remote access restriction bypass and unauthorized access. Revision 1 of this advisory.
e898f5880922ffdf8c30a8d319996d5b29645af69d70eea364258818e0e6290d
HPE Security Bulletin HPSBUX03577 SSRT102172 1 - A potential security vulnerability has been identified in HP-UX VxFS ACL inheritance. The vulnerability could result in local unauthorized access to files. Revision 1 of this advisory.
c666a3d3e83089c81d8467b6e59ed63d662a402d6103c400daf8db1f41629745
HPE Security Bulletin HPSBUX03583 SSRT110084 1 - Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
a91427fd382a1816a0da8390e9635c1956206d8290d7b0c0dfd9a0ac6deecedf
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
5674e9a94fd929ae2cf7a99442b66a0fd91e5d4b0454a1924466b2d9ab2bb770
HP Security Bulletin HPSBUX03561 1 - Potential security vulnerabilities has been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create Denial of Service (DoS), access restriction bypass, unauthorized read access to files, arbitrary code execution, and execution of arbitrary code with privilege elevation. Revision 1 of this advisory.
b5ecc5252638e66ff1f2f7a910bebebcd847eea2f66b38f774d1ef2569c89a5a
HPE Security Bulletin HPSBUX03552 SSRT102983 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
7cabe3343bf21619013021f50133dc63be6a2b2667215bea42b7afa0d0a56847
HPE Security Bulletin HPSBUX03437 SSRT110025 1 - A potential security vulnerability has been identified with HP-UX running HP-UX IPFilter. The vulnerability could be remotely exploited to cause a denial of service (DoS). Note: The vulnerability only exists when HP-UX IPFilter rules are configured for UDP protocol packets and the keep state option is used in that IPFilter rule. Revision 1 of this advisory.
2745eb916db8a309777acd800fa647b1859849b68fee1ffb2d5313663544bfe5
HPE Security Bulletin HPSBUX03359 SSRT102094 3 - A potential security vulnerability has been identified with the HP-UX pppoec utility. The vulnerability could be exploited in allowing a local user to elevate their privilege. Revision 3 of this advisory.
90583306ee0ebd5bf59b694edbc5213b5b2a0ab6b3ffb340b78977ce53dda0d2
HPE Security Bulletin HPSBUX03435 SSRT102977 1 - Potential security vulnerabilities have been identified with HP-UX Web Server Suite running Apache on HP-UX 11iv3. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) and other impacts including: The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification. The RC4 stream cipher vulnerability in SSL/TLS known as "Bar Mitzvah" could be exploited remotely to allow disclosure of information. Apache does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters. Revision 1 of this advisory.
918b77ebec19829d1b59175aae0a8ee89dbdd934b71e72c94b5d47c034841f94
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
9c451054d240e594fbc81ca20259fac9c5d3c667142311f0e65886c13fd7ccfb
HPE Security Bulletin HPSBUX03529 SSRT102967 1 - Potential security vulnerabilities have been identified in the HP-UX BIND service running named. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
900b6d0f23492bb81c5701d07166014454a7d4d8edd5443ced5edb02fd85edb2
HPE Security Bulletin HPSBHF03433 SSRT102964 1 - A potential security vulnerability has been identified with HP-UX Running Mozilla Firefox and Thunderbird. This may allow remote disclosure of information. Note: This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
3e81b5eb4278ca6044b20d0deec6038c426e3ae3d970a9d87173dff635aa4758