发布时间 :2004-12-31 00:00:00
修订时间 :2017-07-10 21:31:04

[原文]Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and Cluster Object Manager A.01.03 and B.01.04 through B.03.00.01 on HP-UX, Serviceguard A.11.14.04 and A.11.15.04 and Cluster Object Manager B.02.01.02 and B.02.02.02 on HP Linux, allow remote attackers to gain privileges via unknown attack vectors.

[CNNVD]HP ServiceGuard未明远程用户root用户权限访问漏洞(CNNVD-200412-1142)

        HP ServiceGuard用于监视系统状态的服务程序。
        HP ServiceGuard存在一个未明问题,远程攻击者可以利用这个漏洞在目标网络系统上获得所有节点的root用户权限。

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(PATCH)  BID  11507
(UNKNOWN)  XF  hp-cluster-serviceguard-gain-privileges(17867)

- 漏洞信息

HP ServiceGuard未明远程用户root用户权限访问漏洞
危急 未知
2004-12-31 00:00:00 2005-10-20 00:00:00
        HP ServiceGuard用于监视系统状态的服务程序。
        HP ServiceGuard存在一个未明问题,远程攻击者可以利用这个漏洞在目标网络系统上获得所有节点的root用户权限。

- 公告与补丁

        HPSBUX01080:SSRT3526 rev.0 Serviceguard potential increase in privilege
        For HP-UX:
        B.11.00 and B.11.11, SG/SGOPS, A.11.13, PHSS_29120
        B.11.00 and B.11.11, COM, A.01.03, PHSS_29121
        B.11.00 and B.11.11, SG/SGOPS, A.11.14, PHSS_31065
        B.11.00 and B.11.11, COM, B.01.04, PHSS_31066
        B.11.11, SG, A.11.15.00, PHSS_31067
        B.11.11, COM, B.02.02.00, PHSS_31069
        B.11.23 IA/PA, SG, A.11.15.00, PHSS_31068
        B.11.23 IA/PA, COM, B.02.02.00, PHSS_31070
        B.11.11, SG, A.11.16.00, PHSS_31071
        B.11.11, COM, B.03.00.00, PHSS_31073
        B.11.23 IA/PA, SG, A.11.16.00, PHSS_31072
        B.11.23 IA/PA, COM, B.03.00.00, PHSS_31074
        B.11.23 IA/PA, COM, B.03.00.01, PHSS_31074
        RedHat 7.3 & Enterprise Linux AS/ES 2.1 (IA-32)
        SG A.11.14.04 SGLX_00019
        COM B.02.01.02 SGLX_00021
        SUSE SLES8 United Linux 1.0 (IA-32)
        SG A.11.14.04 SGLX_00020
        COM B.02.01.02 SGLX_00022
        SUSE SLES8 United Linux 1.0 (IA-32)
        SG A.11.15.04 SGLX_00023
        COM B.02.02.02 SGLX_00025
        SUSE SLES8 United Linux 1.0 (IA-64)
        SG A.11.15.04 SGLX_00024
        COM B.02.02.02 SGLX_00026
        RedHat Enterprise Linux AS/ES 3 (IA-32)
        SG A.11.15.04 SGLX_00027
        COM B.02.02.02 SGLX_00029
        RedHat Enterprise Linux AS 3 (IA-64)
        SG A.11.15.04 SGLX_00028
        COM B.02.02.02 SGLX_00030

- 漏洞信息

HP Serviceguard Unspecified Remote Privilege Escalation
Remote / Network Access Attack Type Unknown
Loss of Confidentiality, Loss of Integrity
Exploit Unknown

- 漏洞描述

HP-UX Serviceguard contains a flaw related to the its security domain that may allow a remote attacker to gain escalated privileges. No further details have been provided.

- 时间线

2004-10-21 Unknow
Unknow Unknow

- 解决方案

The recommended course of action for correcting this problem depends upon the version of Serviceguard you are running. For detailed information regarding available patches and/or workarounds, read the paper entitled "Securing Serviceguard" at the referenced vendor-specific solution URL.

- 相关参考

- 漏洞作者

Unknown or Incomplete