HP Tru64 UNIX Unspecified IPsec/IKE Remote Privilege Escalation Vulnerability
BID:9803
Info
HP Tru64 UNIX Unspecified IPsec/IKE Remote Privilege Escalation Vulnerability
| Bugtraq ID: | 9803 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 04 2004 12:00AM |
| Updated: | Mar 04 2004 12:00AM |
| Credit: | This issue was reported in an HP advisory. |
| Vulnerable: |
Compaq Tru64 5.1 b PK3(BL24) Compaq Tru64 5.1 b PK2 (BL22) Compaq Tru64 5.1 a PK6(BL24) |
| Not Vulnerable: | |
Discussion
HP Tru64 UNIX Unspecified IPsec/IKE Remote Privilege Escalation Vulnerability
HP has reported an unspecified vulnerability in HP Tru64 UNIX. This issue is reported to exist in systems using IPsec and Internet Key Exchange (IKE) with certificates. Successful exploitation of this issue may allow an attacker to remotely compromise a vulnerable system.
Although unconfirmed, this issue may be related to Multiple Vendor IKE Implementation Certificate Authenticity Verification Vulnerability (BID 9208). This BID will be updated as more information becomes available.
HP Tru64 UNIX 5.1B PK2(BL22), 5.1B PK3(BL24), and 5.1A PK6(BL24) are reported to be vulnerable to this issue.
HP has reported an unspecified vulnerability in HP Tru64 UNIX. This issue is reported to exist in systems using IPsec and Internet Key Exchange (IKE) with certificates. Successful exploitation of this issue may allow an attacker to remotely compromise a vulnerable system.
Although unconfirmed, this issue may be related to Multiple Vendor IKE Implementation Certificate Authenticity Verification Vulnerability (BID 9208). This BID will be updated as more information becomes available.
HP Tru64 UNIX 5.1B PK2(BL22), 5.1B PK3(BL24), and 5.1A PK6(BL24) are reported to be vulnerable to this issue.
Exploit / POC
HP Tru64 UNIX Unspecified IPsec/IKE Remote Privilege Escalation Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
HP Tru64 UNIX Unspecified IPsec/IKE Remote Privilege Escalation Vulnerability
Solution:
HP has released an advisory with Early Release Patch (ERP) kit information to address this issue. HP has released ERP Kit T64KIT0021591-V51BB24-ES-20040216.tar for HP Tru64 UNIX 5.1B and ERP Kit ipsec_binary_X2.1.2.tar.gz for HP Tru64 UNIX 5.1A. Please contact the vendor to obtain the patches. Further information is available in the referenced advisory.
Solution:
HP has released an advisory with Early Release Patch (ERP) kit information to address this issue. HP has released ERP Kit T64KIT0021591-V51BB24-ES-20040216.tar for HP Tru64 UNIX 5.1B and ERP Kit ipsec_binary_X2.1.2.tar.gz for HP Tru64 UNIX 5.1A. Please contact the vendor to obtain the patches. Further information is available in the referenced advisory.
References
HP Tru64 UNIX Unspecified IPsec/IKE Remote Privilege Escalation Vulnerability
References:
References: