vulnerability bulletin CVE-2009-1421

HP-UX: denial of service via ONCplus NFS

Synthesis of the vulnerability

A local attacker can create a denial of service on the NFS component of ONCplus.

Severity: 1/4. Creation date: 01/07/2009.

Impacted products

• HP-UX

Description of the vulnerability

The ONCplus (Open Network Computing) suite provides several services:  - NFS : file share  - AutoFS : automatic filesystem mounting  - etc. A local attacker can create a denial of service on the NFS component of ONCplus. Technical details are unknown.

Share this bulletin

Complete Vigil@nce bulletin

HP-UX: denial of service via ONCplus NFS

Characteristics

Title: HP-UX: denial of service via ONCplus NFS. Keywords: AutoFS Computing HP-UX NFS Network ONCplus Open denial service. Identifiers: BID-35547, c01793493, CERTA-2009-AVI-264, CVE-2009-1421, HPSBUX02440, SSRT090106, VIGILANCE-VUL-8833.

Information sources

Publications and announces Source example: HPSBUX02440 SSRT090106 rev.1 - HP-UX Running NFS/ONCplus, Local Denial of Service (DoS)

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

Vigil@nce provides an application vulnerability workaround. The technology watch team tracks security threats targeting the computer system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce vulnerability database contains several thousand vulnerabilities.