CVE-2008-1660 - Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to ac

CVE-2008-1660

Summary

Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*

CVSS

Base:	6.3 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	NONE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:N

oval via4

accepted

2014-03-24T04:01:42.475-04:00

class

vulnerability

contributors

name Michael Wood
organization Hewlett-Packard
name Sushant Kumar Singh
organization Hewlett-Packard
name Sushant Kumar Singh
organization Hewlett-Packard

description

Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.

family

unix

oval:org.mitre.oval:def:5558

status

accepted

submitted

2008-07-03T16:09:03.000-04:00

title

HP-UX Running useradd(1M), Local Unauthorized Access

version

refmap via4

bid	29286
hp	HPSBUX02335 SSRT071454
sectrack	1020045
secunia	30308
vupen	ADV-2008-1570
xf	hpux-useradd-security-bypass(42523)

Last major update

29-09-2017 - 01:30

Published

21-05-2008 - 13:24

Last modified

29-09-2017 - 01:30