ID CVE-2008-1662
Summary Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list."
References
Vulnerable Configurations
  • HP-UX B.11.11
    cpe:2.3:o:hp:hp-ux:b.11.11
  • HP-UX B.11.23
    cpe:2.3:o:hp:hp-ux:b.11.23
  • cpe:2.3:a:hp:system_administration_manager
    cpe:2.3:a:hp:system_administration_manager
CVSS
Base: 10.0 (as of 01-08-2008 - 11:38)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHCO_36562.NASL
    description s700_800 11.11 cumulative SAM patch : A potential security vulnerability has been identified in HP-UX running System Administration Manager (SAM). This vulnerability may allow unintended remote access.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 33828
    published 2008-08-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33828
    title HP-UX PHCO_36562 : HP-UX Running System Administration Manager (SAM), Unintended Remote Access (HPSBUX02286 SSRT071466 rev.1)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHCO_36563.NASL
    description s700_800 11.23 cumulative SAM patch : A potential security vulnerability has been identified in HP-UX running System Administration Manager (SAM). This vulnerability may allow unintended remote access.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 33829
    published 2008-08-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33829
    title HP-UX PHCO_36563 : HP-UX Running System Administration Manager (SAM), Unintended Remote Access (HPSBUX02286 SSRT071466 rev.1)
oval via4
accepted 2014-03-24T04:01:47.941-04:00
class vulnerability
contributors
  • name Michael Wood
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
description Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list."
family unix
id oval:org.mitre.oval:def:5814
status accepted
submitted 2008-07-31T12:40:22.000-04:00
title HP-UX Running System Administration Manager (SAM), Unintended Remote Access
version 36
refmap via4
bid 30449
hp
  • HPSBUX02286
  • SSRT071466
sectrack 1020580
secunia 31309
vupen ADV-2008-2258
xf hp-hpux-sam-weak-security(44119)
Last major update 07-03-2011 - 22:07
Published 01-08-2008 - 10:41
Last modified 28-09-2017 - 21:30
Back to Top