HP StorageWorks Library and Tape Tools Lets Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1019651
|
|
SecurityTracker URL: http://securitytracker.com/id?1019651
|
|
CVE Reference: CVE-2008-0707
(Links to External Site)
|
Date: Mar 19 2008
|
Impact: User access via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: HP Security Bulletin
|
Version(s): prior to 4.5 SR1
|
Description: A vulnerability was reported in HP StorageWorks Library and Tape Tools. A local user can obtain elevated privileges on the target system.
A local user can "gain unauthorized access."
|
Impact: A local user can obtain elevated privileges on the target system.
|
Solution: The vendor has issued a fixed version (4.5 SR1, dated 7 Mar 2008), available at:
www.hp.com/support/tapetools
The vendor's advisory is available at:
https://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01399648
|
Vendor URL: www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01399648 (Links to External Site)
|
Cause: Not specified
|
Underlying OS: UNIX (HP/UX)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 18 Mar 2008 19:10:32 -0500
Subject: HPSBST02321 SSRT080029 rev.1 - HP StorageWorks Library and Tape Tools (LTT) Running on HP-UX, Local Unauthorized Access
|
https://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01399648
CVE-2008-0707
|
|
