Hewlett-Packard HP-UX newgrp command does not function properly

2001-04-30T00:00:00
ID VU:249224
Type cert
Reporter CERT
Modified 2004-02-23T00:00:00

Description

Overview

A security vulnerability exists in the newgrp command on certain Hewlett-Packard systems.

Description

HP9000 servers running HP-UX release 11.11 contain a security vulnerability allowing users to gain increased capability. No further details are available. See HP document HPSBUX0103-147.


Impact

The complete impact of this vulnerability is not yet known.


Solution

Apply a patch as described in the HP bulletin.


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Hewlett-Packard Company| | 26 Mar 2001| 30 Apr 2001
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • None

Credit

This document was written by Shawn V. Hernan.

Other Information

  • CVE IDs: Unknown
  • Date Public: 26 Mar 2001
  • Date First Published: 30 Apr 2001
  • Date Last Updated: 23 Feb 2004
  • Document Revision: 6