HP-UX MailServer Sendmail Local Information Disclosure Vulnerability (CVE-2014-3956) Advisory

Key Information Summary Vulnerability Identifier: - ID: HPSBUX03632 SSRT110194 rev.1 - CVE Number: CVE-2014-3956 - Reference Number: PSRT110194 Potential Security Impact: - Type: Unauthorized Information Disclosure - Description: HP-UX Mail Server running Sendmail contains a potential security vulnerability that can be exploited locally, leading to unauthorized information disclosure. Affected Software Versions: - Affected HP-UX MailServer Versions: All versions prior to C.8.15.2.1, from B.11.31 to C.8.15.2.1 CVSS Score: - Version 3.0: 2.9 (AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) - Version 2.0: 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N) Remediation: - Fixed Version: HPUX-MailServer C.8.15.2.1 for HP-UX Release B.11.31 (PA and IA) - Depot: HP_UX_11.31_HPUX-MailServer_C.8.15.2.1_HP-UX_B.11.31_IA_PA.depot - Download Link: https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumber=SMAIL815 History: - Version: 1 (rev.1) - Initially released on August 1, 2016 Additional Resources: - HP-UX Software Assistant: https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA

Goal Reached Thanks to every supporter — we hit 100%!

HP-UX MailServer Sendmail Local Information Disclosure Vulnerability (CVE-2014-3956) Advisory