PT-2006-6392 · Hewlett Packard · Hp Nonstop Server

Published

2006-11-04

Updated

2017-07-20

CVE-2006-5704

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: HP NonStop Server version G06.29

Description: The issue arises when the Standard Security T6533G06 is used before it is updated to T6533G06^ABK. In this scenario, the system does not properly evaluate access permissions to OSS directories when there is no optional ACL entry. This oversight allows local users to read arbitrary files, potentially exposing sensitive information.

Recommendations: For HP NonStop Server version G06.29, update the Standard Security to at least T6533G06^ABK to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5704

Affected Products

Hp Nonstop Server

PT-2006-6392 · Hewlett Packard · Hp Nonstop Server

CVE-2006-5704

Related Identifiers

Affected Products

References · 7