|
HP-UX Unspecified TCP/IP Denial of Service Vulnerability
|
|
Secunia Advisory:
|
SA15123
|
|
|
Release Date:
|
2005-04-26
|
|
Last Update:
|
2007-10-10
|
|
Popularity:
|
10,621 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
DoS
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | HP-UX 11.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 2 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Solution:
Apply updates.
http://www.hp.com/go/softwaredepot
HP-UX B.11.11 (without IPSec):
Install PHNE_33159 or later
HP-UX B.11.11 (with IPSec):
Install IPSec revision A.02.01.01 or later and PHNE_35351 or later
HP-UX B.11.23 (without IPSec):
Install PHNE_32606 or later
HP-UX B.11.23 (with IPSec):
Install IPSec revision A.02.01.01 or later and PHNE_35766 or later
HP-UX B.11.22:
Install preliminary binary files and set ip_pmtu_strategy= 0.
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01164
Note: The vendor had previously recommended setting the "ip_pmtu_strategy" parameter to 0 or 3 as a workaround. This should be restored to the default value of 1 after installing the patch (see vendor advisory for more information).
Provided and/or discovered by:
Reported by vendor.
Changelog:
2005-12-08: Vendor released patches. Updated "Solution Status", "Solution" and "Original Advisory" sections.
2007-04-13: Changed "A.2.00.01" to "A.02.00.01" in "Solution" section based on updates from HP. Updated "Description" section. Added link to US-CERT.
2007-05-04: Updated "Solution" section. Changed the "ip_pmtu_strategy" default value in the note from "2" to "1" based on updated information from HP.
2007-10-10: Updated "Solution" section based on updates from HP (e.g. Changed "A.02.00.01" to "A.02.01.01"). Changed link in "Original Advisory" section.
Original Advisory:
HPSBUX01137 SSRT5954:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00571568
Other References:
US-CERT VU#972686:
http://www.kb.cert.org/vuls/id/972686
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
