HP-UX System Administration Manager Privilege Escalation Vulnerability
BID:12098
Info
HP-UX System Administration Manager Privilege Escalation Vulnerability
| Bugtraq ID: | 12098 |
| Class: | Unknown |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 23 2004 12:00AM |
| Updated: | Dec 23 2004 12:00AM |
| Credit: | The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor disclosed this issue. |
| Vulnerable: |
HP HP-UX 11.23 HP HP-UX 11.22 HP HP-UX 11.11 HP HP-UX 11.0 4 HP HP-UX 11.0 HP HP-UX B.11.23 HP HP-UX B.11.22 HP HP-UX B.11.11 HP HP-UX B.11.04 HP HP-UX B.11.00 |
| Not Vulnerable: | |
Discussion
HP-UX System Administration Manager Privilege Escalation Vulnerability
HP has announced a vulnerability affecting the SAM component of HP-UX. The details of the vulnerability are not yet clear. It is reportedly possible for a local user to gain unauthorized privileges. This alert will be updated as further technical details emerge.
HP has announced a vulnerability affecting the SAM component of HP-UX. The details of the vulnerability are not yet clear. It is reportedly possible for a local user to gain unauthorized privileges. This alert will be updated as further technical details emerge.
Exploit / POC
HP-UX System Administration Manager Privilege Escalation Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
HP-UX System Administration Manager Privilege Escalation Vulnerability
Solution:
HP has issued patches for versions B.11.00, B.11.11, B.11.22, and B.11.23. HP has also provided instructions (see advisory) for determining if the vulnerable component is present on a system.
HP has released an update to their advisory. They have updated their affected packages to include HP-US B.11.04; a patch has been provided as well. Please see the referenced advisory for more information.
HP HP-UX B.11.11
HP HP-UX B.11.22
HP HP-UX B.11.23
HP HP-UX B.11.00
HP HP-UX 11.0
HP HP-UX 11.11
HP HP-UX 11.22
HP HP-UX 11.23
Solution:
HP has issued patches for versions B.11.00, B.11.11, B.11.22, and B.11.23. HP has also provided instructions (see advisory) for determining if the vulnerable component is present on a system.
HP has released an update to their advisory. They have updated their affected packages to include HP-US B.11.04; a patch has been provided as well. Please see the referenced advisory for more information.
HP HP-UX B.11.11
HP HP-UX B.11.22
HP HP-UX B.11.23
HP HP-UX B.11.00
HP HP-UX 11.0
HP HP-UX 11.11
HP HP-UX 11.22
HP HP-UX 11.23
References
HP-UX System Administration Manager Privilege Escalation Vulnerability
References:
References: