Remote Code Execution Vulnerability in Hewlett Packard Apollo Domain OS
CVE-1999-1493

Currently unrated

Key Information:

Vendor: HP
Status: Apollo Domain Os
Vendor: CVE Published:; 18 December 1991

Summary

The vulnerability in Hewlett Packard's Apollo Domain OS SR10 through SR10.3 allows remote attackers to exploit insecure system calls to achieve root privilege escalation. Specifically, functions like pad_$dm_cmd and pad_$def_pfk() can be manipulated, creating a potential pathway for unauthorized access and control over the affected systems. It is critical for users of the affected versions to apply necessary security patches to mitigate this risk.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7158

vdb-entryx_refsource_XF

http://www.cert.org/advisories/CA-1991-23.html

third-party-advisoryx_refsource_CERT

http://www.securityfocus.com/bid/34

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Dec 18, 1991