发布时间 :2002-06-18 00:00:00
修订时间 :2009-03-04 00:12:27

[原文]Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.

[CNNVD]HP-UX ndd服务拒绝漏洞(CNNVD-200206-008)

        带有特定TRANSPORT补丁的HP-UX 11.11版本中ndd存在未知的漏洞。攻击者利用该漏洞导致服务拒绝。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:5490HP-UX running ndd(1M), Local Denial of Service (DoS)

- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  XF  hpux-ndd-dos(9020)

- 漏洞信息

HP-UX ndd服务拒绝漏洞
中危 其他
2002-06-18 00:00:00 2009-03-04 00:00:00
        带有特定TRANSPORT补丁的HP-UX 11.11版本中ndd存在未知的漏洞。攻击者利用该漏洞导致服务拒绝。

- 公告与补丁

        A patch is available:
        HP HP-UX 11.11

- 漏洞信息

HP-UX ndd TRANSPORT Patches Unspecified DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-05-07 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

HP-UX ndd Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 4680
No Yes
2002-05-06 12:00:00 2009-07-11 12:46:00
Published in HP Security Bulletin HPSBUX0205-192.

- 受影响的程序版本

HP HP-UX 11.11

- 漏洞讨论

HP-UX 11 includes the ndd command, which may be used to control a number of network parameters. A vulnerability has been reported in the ndd binary included with some versions of HP-UX which may cause a denial of service condition.

Reportedly, HP-UX 11.11 is vulnerable only when TRANSPORT patches PHNE_24211, PHNE_24506, PHNE_25134, or PHNE_25642 have been installed.

- 漏洞利用

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: <>.

- 解决方案

A patch is available:

HP HP-UX 11.11

- 相关参考