HP-UX Logins Command Remote Unauthorized Access Vulnerability
BID:25740
Info
HP-UX Logins Command Remote Unauthorized Access Vulnerability
| Bugtraq ID: | 25740 |
| Class: | Access Validation Error |
| CVE: |
CVE-2007-5008 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 19 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
HP HP-UX B.11.31 HP HP-UX B.11.23 HP HP-UX B.11.11 Avaya Proactive Contact 0 Avaya Predictive Dialing System (PDS) 12.0 |
| Not Vulnerable: | |
Discussion
HP-UX Logins Command Remote Unauthorized Access Vulnerability
HP-UX is prone to a remote unauthorized-access vulnerability because the software fails to properly report password status to administrators.
Malicious users may exploit this issue to gain unauthorized access to computers because administrators may not have sufficient knowledge of their account status.
HP-UX is prone to a remote unauthorized-access vulnerability because the software fails to properly report password status to administrators.
Malicious users may exploit this issue to gain unauthorized access to computers because administrators may not have sufficient knowledge of their account status.
Exploit / POC
HP-UX Logins Command Remote Unauthorized Access Vulnerability
Attackers require valid login credentials to exploit this issue.
Attackers require valid login credentials to exploit this issue.
Solution / Fix
HP-UX Logins Command Remote Unauthorized Access Vulnerability
Solution:
The vendor has released an advisory along with patches to address this issue. Please see the references for more information.
Solution:
The vendor has released an advisory along with patches to address this issue. Please see the references for more information.
References
HP-UX Logins Command Remote Unauthorized Access Vulnerability
References:
References: