HP-UX Update For NLSPath HPSBUX00294 Network Vulnerability

Impact

Increase in privilege.

Solution

Please Install the Updated Packages.

Insight

A potential security vulnerability has been identified with HP-UX where superuser cannot restrict the paths set in the NLSPATHenvironment variable for setuid root programs whichare using catopen(3C) and executed by others.

Affected

NLSPath on HP-UX B.10.20, B.11.00, B.11.04, B.11.11, and B.11.22.

References

http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00908653-1

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

HP-UX Update for NFS/ONCplus HPSBUX02509
HP-UX Update for Apache HPSBUX00256
HP-UX Update for useradd(1M) HPSBUX02366
HP-UX Update for dtmailpr Software HPSBUX00300
HP-UX Update for ARPA Transport HPSBUX00205

HP-UX Update for NLSPath HPSBUX00294

Take action and discover your vulnerabilities