HP Insight Control, Sun Solaris

ソフト名：HP Insight Control (Linux (IC-Linux) 6.3未満), Sun Solaris 10 (OpenBSD OpenSSL 0.9.8f〜0.9.8q/1.0.0〜1.0.0c, OpenBSD OpenSSH 5.6/5.7)

回避策：アップデート,HPSBMA02658 SSRT100413にて対応

脆弱性：セキュリティ制限の回避, 機密情報の奪取, DoS攻撃, システムアクセス, バッファオーバーフロー, 暗号化脆弱性, 無効なメモリアクセス, スタックメモリの曝露, ハッシュ衝突攻撃

ソース：http://h18000.www1.hp.com/products/servers/management/insightcontrol_linux2/index.html

http://www.oracle.com/us/products/servers-storage/solaris/index.html?origref=http://secunia.com/advisories/product/4813/

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02794777

http://blogs.sun.com/security/entry/cve_2008_7270_vulnerability_in

http://secunia.com/advisories/42243/

http://secunia.com/advisories/42473/

http://secunia.com/advisories/43227/

http://secunia.com/advisories/43181/

http://secunia.com/advisories/44269/

http://secunia.com/advisories/44286/

http://dvw-j.blogspot.com/2010/12/openssl.html

http://dvw-j.blogspot.com/2011/02/openbsd-openssl.html

http://dvw-j.blogspot.com/2011/02/openbsd-openssh.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7270

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1535

CVE：CVE-2008-7270, CVE-2010-3864, CVE-2010-4180, CVE-2011-0014, CVE-2011-0539, CVE-2011-1535

危険性：Medium Risk