SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (UNIX)  >   ps Vendors:   HPE
HP Tru64 UNIX ps Command Discloses Potentially Sensitive Information to Local Users
SecurityTracker Alert ID:  1018005
SecurityTracker URL:  http://securitytracker.com/id/1018005
CVE Reference:   CVE-2007-0805   (Links to External Site)
Updated:  May 12 2008
Original Entry Date:  May 4 2007
Impact:   Disclosure of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4.0F PK8, 4.0G PK4, 5.1A PK6, 5.1B-3, 5.1B-4
Description:   A vulnerability was reported in the 'ps' command on HP Tru64 UNIX. A local user can view potentially sensitive information.

A local user can invoke the command to view information about the arguments and environment variables of a process.
Impact:   A local user can view potentially sensitive information about a process.
Solution:   The vendor has issued the following Early Release Patch kits.

HP Tru64 UNIX Version v5.1B-4 ERP Kit

Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001143-V51BB27-ES-20070305

Name: T64KIT1001143-V51BB27-ES-20070305

MD5 Checksum: 44b15d10895cf0606003a572b3310f9a

HP Tru64 UNIX Version v5.1B-3 ERP Kit

Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001144-V51BB26-ES-20070305

Name: T64KIT1001144-V51BB26-ES-20070305

MD5 Checksum: 67cfabb7cd3c422e2dc6bb6ed3d7d290

HP Tru64 UNIX Version v5.1A PK6 ERP Kit

Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001145-V51AB24-ES-20070305

Name: T64KIT1001145-V51AB24-ES-20070305

MD5 Checksum: de6885b166dba703af862ce05431e5cc

HP Tru64 UNIX Version v4.0G PK4 ERP Kit

Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001179-V40GB22-ES-20070330

Name: T64KIT1001179-V40GB22-ES-20070330

MD5 Checksum: 31129e60bb01ffdea015312c0e019fae

HP Tru64 UNIX Version v4.0F PK8 ERP Kit

Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001180-V40FB22-ES-20070330

Name: DUXKIT1001180-V40FB22-ES-20070330

MD5 Checksum: db9d634bb27f02642e00f149d6ebb8ee

The HP advisory is available at:

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515
Vendor URL:  h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515 (Links to External Site)
Cause:   Access control error

Message History:   None.

 Source Message Contents


[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC