dcsimg
 

HP Plugs 'Critical' Tru64 UNIX Flaws

Friday Mar 5th 2004 by Ryan Naraine

HP issued a security patch Friday to plug 'highly critical' holes in its HP Tru64 Unix operating system. It warned that a successful exploit could lead to system takeover.

HP has issued a security patch to plug "highly critical" holes in its HP Tru64 Unix operating system with a warning that a successful exploit could lead to system takeover.

The company did not provide details of the vulnerabilities, which are a result of unspecified errors within the certificate handling of IPsec/IKE. IPSec, widely deployed to implement corporate Virtual Private Networks (VPNs), provides cryptographically based security for the IP protocols.

Products affected by the security vulnerabilities include the HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24) and the HP Tru64 UNIX 5.1A PK6(BL24).

Research firm Secunia, which rates the flaws as "highly critical," says malicious hackers can take control of vulnerable systems remotely.

HP repair kits have been posted online here and here.

Home
Mobile Site | Full Site