发布时间 :2000-12-19 00:00:00
修订时间 :2017-10-09 21:29:24

[原文]The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization).

[CNNVD]HP-UX VVOS TGA及Java Servlet代理NSAPI插件服务拒绝漏洞(CNNVD-200012-128)

        HP-UX VVOS 10.24 和11.04版本TGA及Java Servlet代理中NSAPI插件存在漏洞。攻击者导致服务拒绝(高CPU使用率)。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/o:hp:vvos:10.24HP VVOS 10.24
cpe:/o:hp:vvos:11.04HP VVOS 11.04

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:5735The NSAPI plugin versions of the TGA and the Java Servlet proxy demonstrate high CPU utilization under certain conditions.

- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  XF  hp-virtualvault-nsapi-dos

- 漏洞信息

HP-UX VVOS TGA及Java Servlet代理NSAPI插件服务拒绝漏洞
中危 未知
2000-12-19 00:00:00 2006-11-14 00:00:00
        HP-UX VVOS 10.24 和11.04版本TGA及Java Servlet代理中NSAPI插件存在漏洞。攻击者导致服务拒绝(高CPU使用率)。

- 公告与补丁


- 漏洞信息

NSAPI TGA and Java Servlet Plugins DoS
Location Unknown Denial of Service
Loss of Availability

- 漏洞描述

The NSAPI plugin versions of the TGA and Java Servlet proxy for HP VirtualVault contain a flaw that may allow a denial of service attack. The issue is triggered under certain conditions that have not been disclosed, and will result in loss of availability of services on the affected computer due to high CPU utilization.

- 时间线

2000-10-12 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, HP has released a patch to address this vulnerability: For HP-UX release 10.24 with VirtualVault A.03.50: apply patch PHSS_22187 For HP-UX release 11.04 with VirtualVault A.04.00: apply patch PHSS_22296

- 相关参考

- 漏洞作者

Unknown or Incomplete