|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA20934] HP-UX mkdir Unspecified Unauthorized Access Vulnerability
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Mon Jul 03 2006 - 05:32:04 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----------------------------------------------------------------------
Reverse Engineer Wanted
Secunia offers a Security Specialist position with emphasis on
reverse engineering of software and exploit code, auditing of
source code, and analysis of vulnerability reports.
http://secunia.com/secunia_security_specialist/
----------------------------------------------------------------------
TITLE:
HP-UX mkdir Unspecified Unauthorized Access Vulnerability
SECUNIA ADVISORY ID:
SA20934
VERIFY ADVISORY:
http://secunia.com/advisories/20934/
CRITICAL:
Less critical
IMPACT:
Security Bypass
WHERE:
Local system
OPERATING SYSTEM:
HP-UX 11.x
http://secunia.com/product/138/
DESCRIPTION:
A vulnerability has been reported in HP-UX, which can be exploited by
malicious, local users to bypass certain security restrictions.
The vulnerability is caused due to an unspecified error in mkdir and
can be exploited to gain unauthorised access to an affected system.
The vulnerability has been reported in HP-UX B.11.00, B.11.04,
B.11.11, and B.11.23
SOLUTION:
Apply patches.
http://itrc.hp.com
HP-UX B.11.00:
Install PHCO_34533
HP-UX B.11.04:
Install PHCO_35040
HP-UX B.11.11:
Install PHCO_32036
HP-UX B.11.23:
Install PHCO_34151
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
HPSBUX02128 SSRT5996:
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00705390
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]