|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[sec-adv] HP-UX Shells Insecure Temporary File Creation Vulnerability
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Thu Aug 28 2003 - 10:25:15 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
HP-UX Shells Insecure Temporary File Creation Vulnerability
SECUNIA ADVISORY ID:
SA9628
VERIFY ADVISORY:
http://www.secunia.com/advisories/9628/
CRITICAL:
Less critical
IMPACT:
Manipulation of data, Privilege escalation, DoS
WHERE:
Local system
OPERATING SYSTEM:
HP-UX 11.x
HP-UX 10.x
DESCRIPTION:
HP has confirmed an older vulnerability in HP-UX, which can be
exploited by malicious, local users to corrupt the filesystem, cause
a DoS (Denial of Service) or escalate their privileges.
The vulnerability is caused due to some shells creating temporary
files insecurely with names based on a process id when using the "<<"
redirection operator. This can be exploited by either manipulating
the temporary files or via symlink attacks.
The vulnerability affects HP9000 servers running HP-UX versions
B.10.20, B.11.00, or B.11.11.
SOLUTION:
Apply patches.
HP-UX B.11.11:
PHCO_27345 (sh-posix)
PHCO_27019 (ksh)
PHCO_26561 (csh)
HP-UX B.11.00:
PHCO_27344 (sh-posix)
PHCO_27418 (ksh)
PHCO_27763 (csh)
HP-UX B.10.20:
PHCO_27804 (sh-posix)
PHCO_27803 (ksh)
PHCO_27819 (csh)
REPORTED BY / CREDITS:
Gordon Irlam
ORIGINAL ADVISORY:
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0308-275
OTHER REFERENCES:
http://www.kb.cert.org/vuls/id/10277
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : supportsecunia.com
Tel : +45 7020 5144
Fax : +45 7020 5145
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]