PT-2006-6170 · Hewlett Packard · Dtmail+2
Published
2006-10-18
·
Updated
2018-10-17
·
CVE-2006-5452
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
dtmail versions 4.0F through 5.1B on HP Tru64 UNIX
dtmail on HP-UX versions B.11.00 through B.11.23
Description
A buffer overflow issue exists, allowing local users to execute arbitrary code via a long -a argument.
Recommendations
For dtmail on HP Tru64 UNIX versions 4.0F through 5.1B, avoid using long -a arguments until a fix is available.
For dtmail on HP-UX versions B.11.00 through B.11.23, restrict the use of the -a argument to prevent exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hp Tru64 Unix
Hp-Ux
Dtmail