PT-2014-8328 · Hewlett Packard · Hp-Ux

Published

2014-12-10

Updated

2019-10-09

CVE-2014-7879

CVSS v2.0

8.5

High

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP-UX versions B.11.11 through B.11.31

Description The issue allows remote authenticated users to bypass authentication and execute arbitrary code via unspecified vectors when the PAM configuration includes libpam updbe.

Recommendations For HP-UX versions B.11.11 through B.11.31, consider removing or disabling the libpam updbe configuration from PAM to prevent exploitation until a patch is available.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2014-7879

HPSBUX03166

Affected Products

Hp-Ux

PT-2014-8328 · Hewlett Packard · Hp-Ux

CVE-2014-7879

Weakness Enumeration

Related Identifiers

Affected Products

References · 4