TITLE:
HP Tru64 UNIX Secure Web Server XML_RPC PHP Code Execution
Vulnerability

SECUNIA ADVISORY ID:
SA18003

VERIFY ADVISORY:
http://secunia.com/advisories/18003/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
>From remote

OPERATING SYSTEM:
HP Tru64 UNIX 5.x
http://secunia.com/product/2/

DESCRIPTION:
HP has acknowledged a vulnerability in HP Tru64 UNIX Secure Web
Server, which can be exploited by malicious people to compromise a
vulnerable system.

For more information:
SA15861

The vulnerability has been reported in the following versions of HP
Tru64 UNIX when running the Secure Web Server 6.4.1 and earlier:
* HP Tru64 UNIX Version 5.1B-3
* HP Tru64 UNIX Version 5.1B-2/PK4
* HP Tru64 UNIX Version 5.1A PK6

SOLUTION:
Update to Secure Web Server (SWS) 6.4.1a.

HP Tru64 UNIX 5.1B-3 / 5.1B-2/PK4 / 5.1A PK6:
http://h30097.www3.hp.com/internet/download.htm#sws
MD5 Checksum: 3000048bb9e39b02e95628741f62e37b

ORIGINAL ADVISORY:
HPSBTU02083 SSRT051069:
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00576921

OTHER REFERENCES:
SA15861:
http://secunia.com/advisories/15861/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------