U radu operacijskog sustava HP-UX uočen je i ispravljen novi sigurnosni propust. Riječ je o poznatom HP-ovom operacijskom sustavu čiji se rad temelji na radu operacijskog sustava UNIX System V. Uočeni nedostatak posljedica je za sada nespecificirane ranjivosti koja zlonamjernim, lokalnim korisnicima omogućuje pokretanje napada uskraćivanja usluge (eng. Denial of Service). Detaljniji podaci o samom propustu još nisu objavljeni. Objavljena su rješenja koja ispravljaju navedeni propust te se svim korisnicima savjetuje njihova primjena.

HP-UX Unspecified Data Processing Local Denial of Service Vulnerability

VUPEN ID 	VUPEN/ADV-2011-0838
CVE ID 	CVE-2011-0891
 
CWE ID 	Available in VUPEN VNS Customer Area
CVSS V2 	Available in VUPEN VNS Customer Area
Rated as 	Low Risk 
Impact 	Available in VUPEN VNS Customer Area
Authentication Level 	Available in VUPEN VNS Customer Area
Access Vector 	Available in VUPEN VNS Customer Area
Release Date 	2011-04-01
Share 	Twitter LinkedIn Facebook Delicious Digg Slashdot

Technical Description

A vulnerability has been identified in HP-UX, which could be exploited by local attackers to cause a denial of service. This issue is caused by an unknown error with unknown attack vectors. No further details have been disclosed.

Affected Products

HP-UX B.11.23
HP-UX B.11.31

Solution 

HP-UX B.11.23 - Install patch PHKL_41944 or subsequent

HP-UX B.11.31 - Install patch PHKL_41945 or subsequent

References

http://www.vupen.com/english/advisories/2011/0838
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02753287

Credits 

Vulnerability reported by the vendor.

Changelog 

2011-04-01 : Initial release