SecurityTracker: HP-UX mkdir Unspecified Bug Lets Local Users Gain Unauthorized Access

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker Alert ID: 1016410

SecurityTracker URL: http://securitytracker.com/id/1016410

CVE Reference: CVE-2006-3335 (Links to External Site)

Updated: Aug 12 2008

Original Entry Date: Jun 29 2006

Impact: User access via local system

Fix Available: Yes Vendor Confirmed: Yes

Version(s): B.11.00, B.11.04, B.11.11, B.11.23

Description: A vulnerability was reported in mkdir on HP-UX. A local user can gain unauthorized access.

A local user can invoke mkdir(1) to gain unauthorized access. No further details were provided.

Impact: A local user can gain unauthorized access.

Solution: HP has issued the following patches, available at:

http://itrc.hp.com

HP-UX B.11.00 PHCO_34533

HP-UX B.11.04 PHCO_35040

HP-UX B.11.11 PHCO_32036

HP-UX B.11.23 PHCO_34151

The HP advisory is available at:

http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00705390

Vendor URL: www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00705390 (Links to External Site)

Cause: Not specified

Message History: None.

Date: Thu, 29 Jun 2006 08:46:48 -0400
Subject: HPSBUX02128 SSRT5996 - rev.1 HP-UX mkdir(1) Local Unauthorized Access


http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00705390