News Stay informed about the latest enterprise technology news and product updates.

HP fixes multiple remote takeover vulnerabilities

HP Tru64 UNIX administrators need to apply vendor patches for highly critical security vulnerabilities that could allow a remote attacker to take over affected systems.

Hewlett-Packard recently announced the fixes for multiple vulnerabilities in its Tru64 Unix operating system, which is the enterprise Unix operating environment for HP AlphaServer systems.

The problem occurs in the IPSec/IKE components of Tru64. IPSec is widely used to provide security, including Virtual Private Network (VPN) support, for the IP protocol. While HP has not specified the nature of the vulnerabilities, they have indicated that the problem is with certificate handling, and could permit remote system access.

The problem is known to affect versions 5.1A PK6(BL24), 5.1B PK2(BL22), and PK3(BL24). No workarounds are available. However, HP has posted patches to fix the problems for 5.1A and for 5.1B.

In January, HP announced fixes for another IPSec problem in Tru64 version 5.1B that also involved system access vulnerability.

Dig Deeper on Network device security: Appliances, firewalls and switches

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.