PT-2001-2388 · Hewlett Packard · Hp-Ux
Published
2001-06-11
·
Updated
2017-12-19
·
CVE-2001-1256
CVSS v2.0
1.2
Low
| Vector | AV:L/AC:H/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
HP-UX versions 11.00 through 11.11
Description:
The issue allows local users to create arbitrary world-writeable files via a symlink attack on the /tmp/.kmmodreg lock and /tmp/kmpath.tmp temporary files. This is related to the kmmodreg component.
Recommendations:
For HP-UX versions 11.00 through 11.11, consider restricting access to the kmmodreg component to minimize the risk of exploitation. As a temporary workaround, avoid using the kmmodreg functionality until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hp-Ux