HP-UX Unspecified Bug in passwd Lets Local Users Deny Service
|
|
SecurityTracker Alert ID: 1015834
|
|
SecurityTracker URL: http://securitytracker.com/id?1015834
|
|
CVE Reference: CVE-2006-1509
(Links to External Site)
|
|
OSVDB Reference: 24326
(Links to External Site)
|
Updated: Jul 20 2006
|
Original Entry Date: Mar 28 2006
|
Impact: Denial of service via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: HP Security Bulletin
|
Description: A vulnerability was reported in 'passwd' on HP-UX. A local user can cause denial of service conditions.
A local user can invoke '/sbin/passwd' to cause unspecified denial of service conditions on the target system.
|
Impact: A local user can cause denial of service conditions.
|
Solution: HP has issued the following patches, available at:
http://itrc.hp.com
B.11.00 - PHCO_33219 - /sbin/passwd cumulative patch
B.11.04
- PHCO_34929 - (VVOS) /sbin/passwd cumulative patch
B.11.11 - PHCO_33214 - passwd(1) cumulative patch
B.11.11 - PHCO_33215 - libpam_unix
cumulative patch
B.11.23 - PHCO_32149 - passwd(1) cumulative patch
B.11.23 - PHCO_32926 - libpam_unix
The HP advisory is available
at:
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00619550
|
Vendor URL: www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00619550 (Links to External Site)
|
Cause: Not specified
|
Underlying OS: UNIX (HP/UX)
|
Underlying OS Comments: B.11.00, B.11.04, B.11.11, B.11.23
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 28 Mar 2006 00:33:06 -0500
Subject: HPSBUX02103 SSRT5953 rev.2 - HP-UX passwd(1) Local Denial of Service (DoS)
|
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00619550
|
|
