CERTA-2002-AVI-119

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Une vulnerabilité de Software Distributor permet à un utilisateur local mal intentionné d'accéder à des données auquelles il n'a normalement pas accès avec son niveau de privilège. Selon Hewlett Packard, cette vulnérabilité permettrait d'engendrer un déni de service.

Solution

Appliquer les correctifs fournis par Hewlett Packard (Se référer à la section documentation).

  • PHCO-25875 pour la version 11.00;
  • PHCO-25887 pour la version 11.11.

Serveur HP 9000 fonctionnant sous HP-UX versions 11.00 et 11.11 seulement.

Impacted products
Vendor Product Description
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eServeur HP 9000 fonctionnant sous HP-UX  versions 11.00 et 11.11 seulement.\u003c/p\u003e",
  "content": "## Description\n\nUne vulnerabilit\u00e9 de Software Distributor permet \u00e0 un utilisateur local\nmal intentionn\u00e9 d\u0027acc\u00e9der \u00e0 des donn\u00e9es auquelles il n\u0027a normalement pas\nacc\u00e8s avec son niveau de privil\u00e8ge. Selon Hewlett Packard, cette\nvuln\u00e9rabilit\u00e9 permettrait d\u0027engendrer un d\u00e9ni de service.\n\n## Solution\n\nAppliquer les correctifs fournis par Hewlett Packard (Se r\u00e9f\u00e9rer \u00e0 la\nsection documentation).\n\n-   PHCO-25875 pour la version 11.00;\n-   PHCO-25887 pour la version 11.11.\n",
  "cves": [],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de HP HPSBUX0205-194 du 29 mai 2002",
      "url": "http://itrc.hp.com/"
    }
  ],
  "reference": "CERTA-2002-AVI-119",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2002-06-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Divulgation de donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9 dans Software Distributor sous HP-UX",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 #0194 de Hewlett Packard",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.