CERTA-2000-AVI-069

Vulnerability from certfr_avis - Published: - Updated:

Un utilisateur mal intentionné peut, par le biais de dtterm, augmenter ses privilèges utilisateur.

Description

Dans l'environnement graphique CDE, La commande dtterm permet d'émuler un terminal sous unix.

Une vulnérabilité dans cet émulateur permet à un utilisateur d'accroître ses privilèges.

Solution

Appliquer les correctifs proposés sur le site HP :

http://europe-support.external.hp.com
  • Correctif pour HP-UX 10.10 : Non disponible ;
  • Correctif pour HP-UX 10.24 : PHSS_22546 ;
  • Correctif pour HP-UX 10.20 : PHSS_22319 ;
  • Correctif pour HP-UX 11.04 : PHSS_22548 ;
  • Correctif pour HP-UX 11.00 : PHSS_22320.

Sous 10.20 après avoir installé le correctif PHSS_22319, modifier les permissions :

chmod 555 /usr/vue/bin/dtterm

Contournement provisoire

Sous 10.10, modifier les permissions pour supprimer la vulnérabilité :

chmod 555 /usr/dt/bin/dtterm

chmod 555 /usr/vue/bin/dtterm

None
Impacted products
Vendor Product Description
N/A N/A HP-UX 10.20 ;
N/A N/A HP-UX 10.10 ;
N/A N/A HP-UX 11.04 ;
N/A N/A HP-UX 10.24 ;
N/A N/A HP-UX 11.00.
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP-UX 10.20 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP-UX 10.10 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP-UX 11.04 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP-UX 10.24 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP-UX 11.00.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDans l\u0027environnement graphique CDE, La commande dtterm permet d\u0027\u00e9muler\nun terminal sous unix.\n\nUne vuln\u00e9rabilit\u00e9 dans cet \u00e9mulateur permet \u00e0 un utilisateur d\u0027accro\u00eetre\nses privil\u00e8ges.\n\n## Solution\n\nAppliquer les correctifs propos\u00e9s sur le site HP :\n\n    http://europe-support.external.hp.com\n\n-   Correctif pour HP-UX 10.10 : Non disponible ;\n-   Correctif pour HP-UX 10.24 : PHSS_22546 ;\n-   Correctif pour HP-UX 10.20 : PHSS_22319 ;\n-   Correctif pour HP-UX 11.04 : PHSS_22548 ;\n-   Correctif pour HP-UX 11.00 : PHSS_22320.\n\nSous 10.20 apr\u00e8s avoir install\u00e9 le correctif PHSS_22319, modifier les\npermissions :\n\nchmod 555 /usr/vue/bin/dtterm\n\n## Contournement provisoire\n\nSous 10.10, modifier les permissions pour supprimer la vuln\u00e9rabilit\u00e9 :\n\nchmod 555 /usr/dt/bin/dtterm\n\nchmod 555 /usr/vue/bin/dtterm\n",
  "cves": [],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de HP :",
      "url": "http://itrc.hp.com"
    }
  ],
  "reference": "CERTA-2000-AVI-069",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2000-11-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Augmentation des privil\u00e8ges utilisateur"
    }
  ],
  "summary": "Un utilisateur mal intentionn\u00e9 peut, par le biais de dtterm, augmenter\nses privil\u00e8ges utilisateur.\n",
  "title": "Vuln\u00e9rabilit\u00e9 sous HP UX (dtterm)",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "HP Security bulletin",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.