ID CVE-2008-1662
Summary Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list."
References
Vulnerable Configurations
  • cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_administration_manager:*:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_administration_manager:*:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2014-03-24T04:01:47.941-04:00
class vulnerability
contributors
  • name Michael Wood
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
description Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list."
family unix
id oval:org.mitre.oval:def:5814
status accepted
submitted 2008-07-31T12:40:22.000-04:00
title HP-UX Running System Administration Manager (SAM), Unintended Remote Access
version 36
refmap via4
bid 30449
hp
  • HPSBUX02286
  • SSRT071466
sectrack 1020580
secunia 31309
vupen ADV-2008-2258
xf hp-hpux-sam-weak-security(44119)
Last major update 29-09-2017 - 01:30
Published 01-08-2008 - 14:41
Back to Top