CVE-2001-1198

Severity

72%

Complexity

39%

Confidentiality

165%

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

HP-UX

First reported 23 years ago

2001-12-15 05:00:00

Last updated 7 years ago

2017-10-11 01:29:00

Affected Software

HP HP-UX 10.01

10.01

HP HP-UX 10.10

10.10

HP HP-UX 10.20

10.20

HP-UX 11.00

11.00

HP-UX 11.11

11.11

References

hp-rlpd-create-log(7729)

Patch, Vendor Advisory

20011215 HP-UX setuid rlpdaemon induced to make illicit file writes

Patch, Vendor Advisory

3701

Patch, Vendor Advisory

oval:org.mitre.oval:def:5763

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.