shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/CRDY-5VFQA3 | Patch Third Party Advisory US Government Resource |
http://www.kb.cert.org/vuls/id/509454 | Third Party Advisory US Government Resource |
http://www.ciac.org/ciac/bulletins/o-032.shtml | Patch |
http://www.securityfocus.com/bid/9141 | Patch |
http://secunia.com/advisories/10339 | Patch |
https://exchange.xforce.ibmcloud.com/vulnerabilities/13882 | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5788 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2003-12-30 21:00
Updated : 2017-10-10 18:29
NVD link : CVE-2003-1099
Mitre link : CVE-2003-1099
JSON object : View
CWE
Products Affected
hp
- hp-ux