Description: HP has acknowledged some vulnerabilities in HP Tru64 Unix.
1) Some vulnerabilities in SSL can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
The vulnerabilities are reported in the following products:
* HP Tru64 UNIX v 5.1B-4
* HP Tru64 UNIX v 5.1B-3
* HP Tru64 UNIX v 5.1A PK6
* HP Tru64 UNIX v 4.0G PK4
* HP Tru64 UNIX v 4.0F PK8
Solution: The vendor expects to fix this in HP Tru64 UNIX v 5.1B-5.
Provided and/or discovered by: Reported by the vendor.
Changelog: 2007-04-20: Updated links in "Solution" section. Added link to "Original advisory" section.
2007-06-27: Updated ERP link for HP Tru64 UNIX v 5.1B-4, which reportedly resolves installation problems experienced by some customers.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
