HP-UX, Solaris and Avaya

HP-UX DCE Denial of Service

An unspecified issue has been reported in HP-UX programs that run DCE. One such program is Software Distributor (SD). A successful exploit can cause a remote Denial of Service. Additionally, systems running some versions of OpenSSL are also prone to DoS and possibly system compromise.

For more details see: HP Support Document HPSBUX02294 SSRT071451 DCE DoS

HPSBUX02296 SSRT071504
OpenSSL DoS/Code Execution

Solaris 10 NFS Privilege Escalation
Solaris 10 systems running with kernel patches 120011-04 or later for SPARC and 120012-04 or later for x86 may allow unauthorized root access to files served by NFS. To be vulnerable the system must be running an NFS server and have one or more netgroups configured with root privileges. Full details can be found in the Sunsolve document 103162.

Avaya Products Using Samba

Avaya products that use samba may be at risk for system compromise. The affected products are: Intuity Audix LX, Messaging Storage Server and Message Networking. Full details can be found at ASA-2007-520

Leave a Reply