PT-2001-2333 · Hewlett Packard · Hp-Ux

Published

2001-12-15

Updated

2017-10-11

CVE-2001-1198

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP-UX versions 10.20 through 11.0

Description The issue allows local users to overwrite arbitrary files and gain privileges. This is achieved by specifying the target file in the -L option of the RLPDaemon.

Recommendations For HP-UX versions 10.20 through 11.0, consider restricting access to the RLPDaemon to minimize the risk of exploitation. As a temporary workaround, avoid using the -L option until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1198

Affected Products

Hp-Ux

PT-2001-2333 · Hewlett Packard · Hp-Ux

CVE-2001-1198

Related Identifiers

Affected Products

References · 5