Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5008

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2007-5008
Last Modified 20 Jun 2011 12:00:00
Published 20 Sep 2007 05:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2007-5008

Summary

The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.

Vulnerable Systems

Operating System

  • Hp-ux 11.11

  • Hp-ux 11.23

  • Hp-ux 11.31


References

HP - HPSBUX02259

XF - hpux-logins-unauthorized-access(36702)

VUPEN - ADV-2007-3230

SECTRACK - 1018709

BID - 25740

SECUNIA - 26873

HP - SSRT071439


Last Updated: 27 May 2016 10:47:26