Local File Overwrite Vulnerability in HP Tru64 UNIX Utilities
CVE-2003-0221

Currently unrated

Key Information:

Vendor: HP
Status: Tru64
Vendor: CVE Published:; 12 May 2003

Summary

The dupatch and setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier versions are susceptible to a local file overwrite vulnerability. By exploiting this weakness, local users can create symbolic links that redirect file operations, potentially allowing them to overwrite sensitive files. This action could lead to unauthorized access or escalation of privileges, allowing attackers to gain root access to the system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/11892

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/7452

vdb-entryx_refsource_BID

http://www.ciac.org/ciac/bulletins/n-086.shtml

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
May 12, 2003
Vulnerability Reserved
Apr 28, 2003