ID CVE-2006-5452
Summary Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
References
Vulnerable Configurations
  • HP-UX 11.00
    cpe:2.3:o:hp:hp-ux:11.00
  • HP HP-UX 11.4
    cpe:2.3:o:hp:hp-ux:11.4
  • HP-UX 11.11
    cpe:2.3:o:hp:hp-ux:11.11
  • HP-UX 11i v1.6
    cpe:2.3:o:hp:hp-ux:11.22
  • cpe:2.3:o:hp:hp-ux:11.23:-:ia64_64-bit
    cpe:2.3:o:hp:hp-ux:11.23:-:ia64_64-bit
  • HP Tru64 4.0f
    cpe:2.3:o:hp:tru64:4.0f
  • HP Tru64 4.0f pk8
    cpe:2.3:o:hp:tru64:4.0f:pk8
  • HP Tru64 4.0g
    cpe:2.3:o:hp:tru64:4.0g
  • HP Tru64 4.0g pk4
    cpe:2.3:o:hp:tru64:4.0g:pk4
  • HP Tru64 5.0a
    cpe:2.3:o:hp:tru64:5.0a
  • HP Compaq Tru64 5.1
    cpe:2.3:o:hp:tru64:5.1
  • HP Tru64 5.1a
    cpe:2.3:o:hp:tru64:5.1a
  • HP Tru64 5.1a pk6
    cpe:2.3:o:hp:tru64:5.1a:pk6
  • HP Tru64 UNIX 5.1af
    cpe:2.3:o:hp:tru64:5.1af
  • HP Tru64 UNIX 5.1b pk1
    cpe:2.3:o:hp:tru64:5.1b:pk1
  • HP Tru64 UNIX 5.1b2 pk4
    cpe:2.3:o:hp:tru64:5.1b2:pk4
  • HP Tru64 5.1B3
    cpe:2.3:o:hp:tru64:5.1b3
CVSS
Base: 4.6 (as of 23-10-2006 - 18:00)
Impact:
Exploitability:
Access
  • Vector LOCAL
  • Complexity LOW
  • Authentication NONE
Impact
  • Confidentiality PARTIAL
  • Integrity PARTIAL
  • Availability PARTIAL
nessus via4
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35435.NASL
    description s700_800 11.23 CDE Applications Patch : A potential security vulnerability has been identified with HP-UX running dtmail. The vulnerability could be exploited by a local, authorized user to execute arbitrary code as a member of the 'mail' group. References: NETRAGARD-20060810.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 22917
    published 2006-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22917
    title HP-UX PHSS_35435 : HP-UX Running dtmail, Local Execution of Arbitrary Code (HPSBUX02162 SSRT061223 rev.1)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35433.NASL
    description s700_800 11.00 CDE Runtime Patch : A potential security vulnerability has been identified with HP-UX running dtmail. The vulnerability could be exploited by a local, authorized user to execute arbitrary code as a member of the 'mail' group. References: NETRAGARD-20060810.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 22916
    published 2006-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22916
    title HP-UX PHSS_35433 : HP-UX Running dtmail, Local Execution of Arbitrary Code (HPSBUX02162 SSRT061223 rev.1)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35434.NASL
    description s700_800 11.11 CDE Applications Patch : A potential security vulnerability has been identified with HP-UX running dtmail. The vulnerability could be exploited by a local, authorized user to execute arbitrary code as a member of the 'mail' group. References: NETRAGARD-20060810.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 22919
    published 2006-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22919
    title HP-UX PHSS_35434 : HP-UX Running dtmail, Local Execution of Arbitrary Code (HPSBUX02162 SSRT061223 rev.1)
oval via4
accepted 2014-03-24T04:01:39.978-04:00
class vulnerability
contributors
  • name Michael Wood
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
description Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
family unix
id oval:org.mitre.oval:def:5175
status accepted
submitted 2008-07-03T16:09:05.000-04:00
title HP-UX Running dtmail, Local Execution of Arbitrary Code
version 37
refmap via4
bid 20580
hp
  • HPSBTU02163
  • HPSBUX02162
  • SSRT061223
misc http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt
sectrack
  • 1017083
  • 1017098
  • 1017099
secunia
  • 22451
  • 22528
vupen
  • ADV-2006-4139
  • ADV-2006-4140
xf dtmail-tru64-bo(29644)
Last major update 07-03-2011 - 21:43
Published 23-10-2006 - 13:07
Last modified 17-10-2018 - 17:42