CVE-2007-0805

Severity

21%

Complexity

39%

Confidentiality

48%

The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.

The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N).

Overview

First reported 18 years ago

2007-02-07 11:28:00

Last updated 6 years ago

2018-10-16 16:34:00

Affected Software

HP Compaq Tru64 5.1

5.1

References

HPSBTU02179

20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885

33113

http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh

Exploit

24041

Vendor Advisory

25135

1017592

20070206 Re: [Full-disclosure] PS Information Leak on HP Tru64 Alpha OSF1v5.1 1885

20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885

20070207 Re: PS Information Leak on HP True64 Alpha OSF1 v5.1 1885

1018005

ADV-2007-1654

tru64-ps-information-disclosure(32276)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.