vulnerability bulletin CVE-2009-1421

HP-UX: denial of service via ONCplus NFS

Synthesis of the vulnerability

A local attacker can create a denial of service on the NFS component of ONCplus.

Severity: 1/4. Creation date: 01/07/2009.

Description of the vulnerability

The ONCplus (Open Network Computing) suite provides several services:  - NFS : file share  - AutoFS : automatic filesystem mounting  - etc. A local attacker can create a denial of service on the NFS component of ONCplus. Technical details are unknown.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: HP-UX: denial of service via ONCplus NFS. Keywords: AutoFS Computing HP-UX NFS Network ONCplus Open denial service. Identifiers: BID-35547, c01793493, CVE-2009-1421, HPSBUX02440, SSRT090106, VIGILANCE-VUL-8833.

Information sources

Publications and announces Source example: HPSBUX02440 SSRT090106 rev.1 - HP-UX Running NFS/ONCplus, Local Denial of Service (DoS)

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Technology watch team on vulnerabilities