CVE-2006-2574
CVSS7.2
发布时间 :2006-05-24 19:02:00
修订时间 :2011-03-07 21:36:31
NMCOS    

[原文]Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.


[CNNVD]HP-UX Software 多个未明特权提升漏洞(CNNVD-200605-451)

        HP-UX是一款HP公司开发的UNIX操作系统。
        HP-UX B.11.00, B.11.04, B.11.11和 B.11.23版本中的 Software Distributor存在多个未明漏洞,本地用户可以通过未明工具向量取得特权。

- CVSS (基础分值)

CVSS分值: 7.2 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:hp:hp-ux:11.23::ia64_64-bit
cpe:/o:hp:hp-ux:11.4HP HP-UX 11.4
cpe:/o:hp:hp-ux:11.00HP-UX 11.00
cpe:/o:hp:hp-ux:11.11HP-UX 11.11

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:5568HP-UX Running Software Distributor Local Elevation of Privilege
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2574
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2574
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200605-451
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/archive/1/archive/1/434838/100/0/threaded
(PATCH)  HP  HPSBUX02114
http://securitytracker.com/id?1016139
(PATCH)  SECTRACK  1016139
http://secunia.com/advisories/20230
(VENDOR_ADVISORY)  SECUNIA  20230
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00659649
(PATCH)  CONFIRM  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00659649
http://www.vupen.com/english/advisories/2006/1947
(UNKNOWN)  VUPEN  ADV-2006-1947
http://www.securityfocus.com/archive/1/archive/1/434838/100/0/threaded
(UNKNOWN)  HP  SSRT061115
http://xforce.iss.net/xforce/xfdb/26609
(UNKNOWN)  XF  hpux-sd-privilege-escalation(26609)
http://www.securityfocus.com/bid/18098
(UNKNOWN)  BID  18098
http://support.avaya.com/elmodocs2/security/ASA-2006-106.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-106.htm
http://securityreason.com/securityalert/964
(UNKNOWN)  SREASON  964
http://secunia.com/advisories/20332
(UNKNOWN)  SECUNIA  20332

- 漏洞信息

HP-UX Software 多个未明特权提升漏洞
高危 边界条件错误
2006-05-24 00:00:00 2009-03-04 00:00:00
本地  
        HP-UX是一款HP公司开发的UNIX操作系统。
        HP-UX B.11.00, B.11.04, B.11.11和 B.11.23版本中的 Software Distributor存在多个未明漏洞,本地用户可以通过未明工具向量取得特权。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00659649&hpweb_printable=true

- 漏洞信息

25804
HP-UX Software Distributor Unspecified Privilege Escalation
Patch / RCS

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-05-23 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

HP-UX Software Distributor SWAsk Local Format String Vulnerability
Input Validation Error 20726
No Yes
2006-05-24 12:00:00 2006-10-26 07:38:00
NCC Group is credited with the discovery of this vulnerability.

- 受影响的程序版本

HP HP-UX B.11.23
HP HP-UX B.11.11
HP HP-UX B.11.04
HP HP-UX B.11.00
Avaya Predictive Dialer 0

- 漏洞讨论

HP-UX is prone to a local format-string vulnerability because it fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.

A local attacker may exploit this issue to execute arbitrary machine code in the context of the affected application. Since the application executes by default with superuser privileges, successfully exploiting this issue will result in a computer compromise.

This issue was originally disclosed as part of BID 18098 (HP-UX Software Distributor Unspecified Local Privilege Escalation Vulnerability), but has been assigned a separate record because of new information.

- 漏洞利用

The following exploit code is available:

- 解决方案

The vendor has released security advisory HPSBUX02114 (SSRT061115 rev.1 - HP-UX Running Software Distributor Local Elevation of Privilege) to address this issue.


HP HP-UX B.11.23

HP HP-UX B.11.04

HP HP-UX B.11.00

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站