Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1256

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2001-1256
Last Modified 04 Mar 2009 12:10:08
Published 11 Jun 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-1256

Summary

kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files.

Vulnerable Systems

Operating System

  • Hp-ux 11.00

  • Hp-ux 11.04

  • Hp-ux 11.11


References

CONFIRM - http://www.kb.cert.org/vuls/id/TJSL-4Z5Q92

CERT-VN - VU#127435

CIAC - L-093

XF - hpux-kmmodreg-symlink(6656)

BID - 2821

BUGTRAQ - 20010604 yet another sym link followers

HP - HPSBUX0106-153


Last Updated: 27 May 2016 10:36:36