Executive Summary

Summary
Title HP-UX Running sendmail, Remote Denial of Service (DoS)
Informations
Name HPSBUX02495 SSRT090151 First vendor Publication 2009-12-08
Vendor HP Last vendor Modification 2010-01-14
Severity (Vendor) N/A Revision 2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to create a Denial of Service (DoS).

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01953398

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6892
 
Oval ID: oval:org.mitre.oval:def:6892
Title: HP-UX Running sendmail, Remote Denial of Service (DoS)
Description: Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.
Family: unix Class: vulnerability
Reference(s): CVE-2002-2261
Version: 6
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8512
 
Oval ID: oval:org.mitre.oval:def:8512
Title: HP-UX Running sendmail, Remote Denial of Service (DoS)
Description: Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.
Family: unix Class: vulnerability
Reference(s): CVE-2002-2261
Version: 6
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 28

OpenVAS Exploits

Date Description
2010-01-20 Name : HP-UX Update for sendmail HPSBUX02495
File : nvt/gb_hp_ux_HPSBUX02495.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
60140 Sendmail Spoofed DNS Hostname check_relay Function Bypass

Nessus® Vulnerability Scanner

Date Description
2009-12-14 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_40388.nasl - Type : ACT_GATHER_INFO
2009-12-14 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_40393.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:38:33
  • Multiple Updates