HP fixes multiple remote takeover vulnerabilities

Edmund X. DeJesus, Contributing Writer

Hewlett-Packard recently announced the fixes for multiple vulnerabilities in its Tru64 Unix operating system, which is the enterprise Unix operating environment for HP AlphaServer systems.

The problem occurs in the IPSec/IKE components

    Requires Free Membership to View

of Tru64. IPSec is widely used to provide security, including Virtual Private Network (VPN) support, for the IP protocol. While HP has not specified the nature of the vulnerabilities, they have indicated that the problem is with certificate handling, and could permit remote system access.

The problem is known to affect versions 5.1A PK6(BL24), 5.1B PK2(BL22), and PK3(BL24). No workarounds are available. However, HP has posted patches to fix the problems for 5.1A and for 5.1B.

In January, HP announced fixes for another IPSec problem in Tru64 version 5.1B that also involved system access vulnerability.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: